Bug#309564: cacert certificate

Mike Hommey mh at glandium.org
Fri Jul 11 13:51:53 UTC 2008


On Fri, Jul 11, 2008 at 03:23:04PM +0200, Alexander Sack <asac at debian.org> wrote:
> On Fri, Jul 11, 2008 at 02:27:52PM +0200, martin f krafft wrote:
> > also sprach Alexander Sack <asac at debian.org> [2008.07.11.1414 +0200]:
> > > So, do you want a _special_ inclusion for just cacert here or
> > > something that honours the selections made during ca-certificates
> > > package configuration?
> > 
> > Of course, the former would be better but probably also harder to
> > get in place in time for lenny. Thus, the latter would be a good
> > intermediate solution.
> > 
> 
> IMO, the _special_ inclusion is easier to do from a technical pov;
> however, this wont allow users to opt-out. Maybe we can build the
> security module twice (e.g. original certs + extended certs) and use
> the debian alternatives system?
> 
> Mike? What are your thoughts on this?

Why would someone need to opt-out ? Anyways, you *can* opt-out without
needing an alternate security module.
Edit > Preferences > Advanced > Encryption > View Certificates >
Authorities > Edit > This certificate can identify $category

Mike





More information about the pkg-mozilla-maintainers mailing list