NetBSD-Bugs archive
Re: bin/57456: ftp fails for https in netbsd-10 due to missing certificates
The following reply was made to PR bin/57456; it has been noted by GNATS.
From: Martin Husemann <martin%duskware.de@localhost>
To: gnats-bugs%netbsd.org@localhost
Cc:
Subject: Re: bin/57456: ftp fails for https in netbsd-10 due to missing
certificates
Date: Thu, 8 Jun 2023 20:53:01 +0200
On Thu, Jun 08, 2023 at 06:40:01PM +0000, Michael van Elst wrote:
> Perfect, we can easily revert ftp to its unconditionally insecure behaviour,
> so nobody forgets it the next 10 years. :)
I'm not arguing secure vs. insecure - but plain broken (both in the default
install and in the installers) as it is now is not a good step in between.
With a bit better planning it could have been avoided, but on the other
hand the planning should not prevent the security fix for ever. So I do
understand both sides, and we should quickly find a good plan to move
forward.
I am not sure your initial suggestion (let the end user pick any trust
anchor set and leave the updating problem to them too) is the best, but
it may be the only one workable now w/o getting deeply into net
politics or having to make promises from TNF side that we would better
stay away from.
For sysinst I don't want to show confusing warnings about untrusted
downloads or missing verification - even if true.
But I also don't like to return to the old state (by setting
sslnoverify). Open to any suggestions (and probably this should not be
in this particular PR, but better be discussed on some mailing list).
Martin