pkgsrc-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: mozilla-rootcerts assumes /etc/ssl/certs writes:

> It is currently useful and intended for people who use non-pkgsrc
> (builtin) SSL libraries and want to get a set of well-managed CAs.
> It could probably be smarter, or pkgsrc openssl can be taught to look
> at system-wide CAs too, if it doesn't.
> (I feel like for root CA choices, people will likely prefer system-wide
> settings to be respected by default).

Good points.

But I wonder if the right thing is for mozilla-rootcerts to modify
pkgsrc openssl, if that was depended on at build time, vs system
openssl, if that was depended on.   More or less, to operate on the
openssl used by pkgsrc.

Or perhaps both, but that feels icky.

Attachment: signature.asc
Description: PGP signature

Home | Main Index | Thread Index | Old Index