Date: Wed, 24 Oct 2007 05:31:40 +1000 From: Peter Jeremy <peterjeremy@optushome.com.au> To: "David E. Thiel" <lx@freebsd.org> Cc: freebsd-hackers@freebsd.org, Adrian Chadd <adrian@freebsd.org> Subject: Re: packages, libfetch, and SSL Message-ID: <20071023193140.GP81509@server.vk2pj.dyndns.org> In-Reply-To: <20071022032819.GE75639@redundancy.redundancy.org> References: <20071021013917.GB86865@redundancy.redundancy.org> <d763ac660710211907p5b23e145o62da8a5661b6b902@mail.gmail.com> <20071022032819.GE75639@redundancy.redundancy.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--IiVenqGWf+H9Y6IX Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sun, Oct 21, 2007 at 08:28:19PM -0700, David E. Thiel wrote: >Sounds fine to me - I'll take a closer look at this. I'd still like >to see the root CA certs merged into base so libfetch can be fixed. So would I. >Does anyone object to just using the ones currently provided by the >ca_root_nss port? I would like to have CAcert (www.cacert.org) included. It is not currently in the Mozilla root set but is included in various Linux and other BSD distributions. See http://wiki.cacert.org/wiki/InclusionStatus (which lists FreeBSD on the basis of the now-removed caroot port). I agree that the final decision should be up to the Security team. --=20 Peter --IiVenqGWf+H9Y6IX Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4 (FreeBSD) iD8DBQFHHkwc/opHv/APuIcRAlyvAJ0XkleFL9SKetKnP6AulJO7Fj259gCcCe32 KX1w+yMWWZVly8msSSKiyqM= =EJT4 -----END PGP SIGNATURE----- --IiVenqGWf+H9Y6IX--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20071023193140.GP81509>