tech-pkg archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

ca-certificates questions

I was recently pointed to ca-certificates, having missed the addition.
I just added a bit to the DESCR, but I wonder if someone who understands
could adjust DESCR and README.pkgsrc (yay, not MESSAGE!!) to explain:

  Is this package really only about OpenSSL?  DESCR was written to be
  broader, and I narrowed DESCR, but there is gnutls, etc.  (This is not
  a requset to extend it, just for precise description.)

  Does this modify only a base system OpenSSL, or does it sometimes
  modify pkgsrc OpenSSL?  (I know I could read the code, but DESCR
  should be clear.)

  The path /etc/ssl is used in README.pkgsrc, and that is perhaps Linuxy
  or perhaps not NetBSD-ish as NetSBD has /etc/openssl.  I wonder then
  if this works on NetBSD and what path it uses, and if the
  README.pkgsrc should ahve that substituted or use language that
  indicates that the default location is meant, even if it's not

  I am more pedantic than many, but it would be nice if the language
  were more explicit about configuring trust anchors for default
  validation, rather than "can be used".  (It is possible for
  openssl-using programs to provide their own trust anchor set, but this
  is rare outside mozilla-land.)

This should probably be split into ca-certificates and
ca-certificates-install, so that there is a package that follows normal
rules and a very small irregular package, similar to mozilla-rootcerts
and mozilla-rootcerts-openssl.

Attachment: signature.asc
Description: PGP signature

Home | Main Index | Thread Index | Old Index