Bug#731463: Bug#718434: Bug#731463: Bug#718434: ca-certificates: should CAcert.org be included?
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Sat Dec 7 02:18:28 UTC 2013
On 12/06/2013 08:11 PM, Michael Shuler wrote:
> On 12/06/2013 06:21 PM, Daniel Kahn Gillmor wrote:
>> can we ship CAs marked as "disabled" by default?
>
> I think this would prove to be a rather severe disservice to Debian
> users, making all SSL connections fail for all software that is or
> depends on one of the reverse dependencies of ca-certificates.
I didn't mean to imply that we would ship all CAs as disabled by default
-- i agree that would probably be unhelpful. i just meant that the
decision about "not including CAcert.org" doesn't need to be a binary
decision -- instead of dropping it, we could ship the certificate, but
have it disabled by default, while leaving the others alone.
--dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1027 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-mozilla-maintainers/attachments/20131206/5b2f8e64/attachment.sig>
More information about the pkg-mozilla-maintainers
mailing list