pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: CVS commit: pkgsrc/security/mozilla-rootcerts
Leonardo Taccari <leot%NetBSD.org@localhost> writes:
> Greg Troxel writes:
>> [...]
>> I think we should delete MESSAGE then (not right now). The bit about
>> gnupg belongs as documentation, not MESSAGE, because it is mere
>> configuration information and not execptional. More importantly, the
>> code should be hoisted into a mozilla-rootcerts-gnupg2 packge, just like
>> the -openssl one. We should probabl also have a -gnutls version.
>> [...]
>
> At the moment gnutls hardcodes the default trust store and explicitly
> depends on mozilla-rootcerts (yes, probably that's a bug but not
> passing `--with-default-trust-store-file=' configure argument leads to
> a gnutls package that honors possible trust store in
> not-completely-predictable way depending on the configure logic
> auto-guessing).
>
> What a mozilla-rootcerts-gnutls should do/provide?
Given what you said, there is no need. I had no idea how gnutls worked.
> On the other hand, if there are other CAs collection and someone is
> interested a generic "rootcerts" meta-package could be interesting to
> permit the user to select their favourite rootcerts (maybe similar to
> what is done for ghostscript).
That's a huge can of worms! The realistic issue is choosing a subset of
mozilla. I would prefer to keep this separate from dealing with
mozilla for now, but if whatever is clean and nonconfusing I don't
object.
Home |
Main Index |
Thread Index |
Old Index