I'm trying to make sure this will provide a seamless fresh install and upgrade path so that if you were already managing /etc/openssl/certs, it stays that way, but if you weren't, certctl(8) takes over and makes the Mozilla trust anchors available. And I'd like to get this into 10 ASAP.
Sounds good. Just one last question: If I migrate to this new world order (ie, I delete existing package and clean out the /etc/openssl/certs directory), what happens to any packages that currently depend on mozilla-rootcerts? Will they somehow magically not need to install the mozilla-rootcerts package? +--------------------+--------------------------+----------------------+ | Paul Goyette | PGP Key fingerprint: | E-mail addresses: | | (Retired) | FA29 0E3B 35AF E8AE 6651 | paul%whooppee.com@localhost | | Software Developer | 0786 F758 55DE 53BA 7731 | pgoyette%netbsd.org@localhost | | & Network Engineer | | pgoyette99%gmail.com@localhost | +--------------------+--------------------------+----------------------+