Re: Cert validation in pkg_add

To: Greg Troxel <gdt%lexort.com@localhost>
Subject: Re: Cert validation in pkg_add
From: Benny Siegert <bsiegert%gmail.com@localhost>
Date: Sun, 17 Dec 2023 22:35:40 +0100

>  We have had one positive comment.  One person told me they would test
>  and comment, but haven't yet.  Another person in private mail was
>  vaguely positive but unconvinced about the rush.
> 
>  I'm still uncomfortable about the lack of other people really reading
>  and consdering impacts, given that this arose in month 3.

Let me come out strongly in favor then.

I think pkg_add should absolutely check certificates for PKG_PATHs with SSL and I think Taylor’s approach here is totally reasonable.

— 
Benny

References:
- Re: Cert validation in pkg_add
  - From: Taylor R Campbell
- Re: Cert validation in pkg_add
  - From: Greg Troxel

Prev by Date: Re: Cert validation in pkg_add
Next by Date: Re: pkg options inheritance
Previous by Thread: Re: Cert validation in pkg_add
Next by Thread: Re: Cert validation in pkg_add
Indexes:

Home | Main Index | Thread Index | Old Index