Date: Mon, 13 Aug 2007 14:44:20 -0500 From: Brooks Davis <brooks@freebsd.org> To: Vivek Khera <vivek@khera.org> Cc: freebsd ports <freebsd-ports@freebsd.org> Subject: Re: ca-roots expired? Message-ID: <20070813194420.GA76135@lor.one-eyed-alien.net> In-Reply-To: <8F9EDD82-0747-4DE2-825D-EE70470BBFAD@khera.org> References: <20070809101402.B98213@obelix.home.rakhesh.com> <20070809065503.GI1244@turion.vk2pj.dyndns.org> <8F9EDD82-0747-4DE2-825D-EE70470BBFAD@khera.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--EeQfGwPcQSOJBaQU Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Aug 09, 2007 at 10:04:14AM -0400, Vivek Khera wrote: >=20 > On Aug 9, 2007, at 2:55 AM, Peter Jeremy wrote: >=20 > > There's a security/ca_root_nss port that installs the root certificate > > bundle from the Mozilla project. There are some differences between > > this set and those installed by the ca-roots port. >=20 > I found a mkcabundle program at=20 > http://www.mail-archive.com/modssl-users@modssl.org/msg16980.html which= =20 > fetches the NSS data via cvs and creates the file locally. >=20 > The port seems to fetch a lot of source files just to get the data and t= he=20 > script to convert the data, but has the advantage of the ports=20 > infrastructure letting you know when it needs updating. I'd prefer not to download the mod_ssl source, but it's unclear if maintaining a copy of the script in ports would be OK under the license so I just punted do download the whole thing. If someone contacts the original author and gets license clarification (ideally BSD or public domain) on the script I'd be happy to include it in the ports and save that download. I think downloading nss is the right thing to do as it clearly delegates the trust issues to the Mozilla Project. -- Brooks --EeQfGwPcQSOJBaQU Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (FreeBSD) iD8DBQFGwLSTXY6L6fI4GtQRAgWXAJkBA6n82W6qCg76+fbeARAF1htCRwCghuBv Obhnsne6MBUZkiMfo7DL2vo= =NdYV -----END PGP SIGNATURE----- --EeQfGwPcQSOJBaQU--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070813194420.GA76135>