Hi everyone,

On Tue, Jan 07, 2025 at 11:36:16PM +0100, Aurelien Jarno wrote:
> > But that's much longer than --include=ca-certificates, so not a good option 
> > for
> > interactive use.
> 
> Yes, I fully agree that this is not really an issue for scripts, they
> can be adjusted, but it is more problematic for interactive users,
> either directly or probably through sbuild when adding extra chroots.

In light of todays discussion about build tarballs, a simpler
solution for ca-certificates struck me: why not raise the Priority:
of ca-certificates to important or higher?

I see two good reasons to do this:

1) the (non-)presence of ca-certificates in a build environment
should not depend on the used mirror to create the chroot. It's
(non-)presence can cause other packages to FTBFS or otherwise differ
in their builds. Having it always be present would give us a more
consistent build environment.

2) I'd argue an OS install that cannot practically speak TLS to
anything is not very useful.

What do people think?

Should we approach the ca-certificates maintainers and ftpmasters?

Chris

Reply via email to