-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi,
I would like to include the CA distribution of the IGTF (www.igtf.net), which is an international collaboration of CAs for use in the e-science communities (i.e. scientific grid computing & cloud computing). The certificates in this collection are typically used for service certificates (compute & storage endpoints, authentication services, etc.) and user certificates. They are not commonly used for normal web servers. That is why I don't think they should be included in the ca-certificates package. There seems to be no real way to include extra ca-certificates-* packages at the moment. I've tried to conform as much as possible to the structure of the ca-certificates package, and the way I've packaged it right now is that the administrator has the choice to include individual certificates from IGTF in /etc/ssl upon reconfiguring ca-certficates. http://mentors.debian.net/package/igtf-policy-bundle The policy bundle offers a choice of opt-in or opt-out, so it's easy to enable 'all but a few' or 'none but a few' certificates. And enabling here means placing symlinks in /etc/grid-security/certificates, which is the de facto place for grid middleware to look for certificates. I welcome thoughts and comments on this work. Best, Dennis van Dok - -- D.H. van Dok :: Software Engineer :: www.nikhef.nl :: www.biggrid.nl Phone +31 20 592 22 28 :: http://www.nikhef.nl/~dennisvd/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk+MIk4ACgkQIITq5lEwLHe5+gCeI2/DS4xpSkJxLmHpyR8VkQqX 2LkAn1veYyGNIdzx9QiLVvkQ0dCivRhK =JeQF -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to debian-wnpp-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4f8c2253.7070...@nikhef.nl
