FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.

» Sponsor

» Partners

» Sponsor

LinkBack Thread Tools
Old 10-06-2011, 04:03 PM
Dave Reisner
Default curl 7.22.0-2

On Thu, Oct 06, 2011 at 05:44:54PM +0200, Thomas Bächler wrote:
> Am 28.09.2011 17:01, schrieb Dave Reisner:
> >> We patch cacert.org and spi-inc.org into NSS, so that narrows the list a
> >> bit. IMHO we should just drop ca-certificates in its current shape and
> >> replace it with a dump from our NSS package. We could even discuss about
> >> the inclusion of spi-inc.org and cacert certificates.
> >
> > Sure, I'm very interested in doing this. The current certs package is
> > pretty ugly. Unfortunately, every distro seems to have their own method
> > of managing this.
> Did you make any progress on this?

Not really. Life's been a bit busy with a job transition currently
happening and a sudden strong desire to jump out of planes [0]. Recent
free time went to pushing out a mkinitcpio release. I'll probably have a
chance to poke around this weekend as I have some downtime on Saturday.

I'm inclined to move in the direction of what Fedora does [1], which is
to pull directly from mozilla NSS. That would at least take care of the
bundle that we rely on for curl and wget. I'm left wondering where they
get their loose certificates from, though, as they aren't included in
their ca-certificates package [2].


[0] http://i.imgur.com/YX9fp.jpg
[1] http://pkgs.fedoraproject.org/gitweb/?p=ca-certificates.git
[2] https://admin.fedoraproject.org/pkgdb/builds/show/F-devel-x86_64/ca-certificates/0/2011.78/1.fc17/noarch

Thread Tools

All times are GMT. The time now is 07:11 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright ©2007 - 2008, www.linux-archive.org