On Thu, Aug 09, 2007 at 10:04:14AM -0400, Vivek Khera wrote: > > On Aug 9, 2007, at 2:55 AM, Peter Jeremy wrote: > > > There's a security/ca_root_nss port that installs the root certificate > > bundle from the Mozilla project. There are some differences between > > this set and those installed by the ca-roots port. > > I found a mkcabundle program at > http://www.mail-archive.com/[EMAIL PROTECTED]/msg16980.html which > fetches the NSS data via cvs and creates the file locally. > > The port seems to fetch a lot of source files just to get the data and the > script to convert the data, but has the advantage of the ports > infrastructure letting you know when it needs updating.
I'd prefer not to download the mod_ssl source, but it's unclear if maintaining a copy of the script in ports would be OK under the license so I just punted do download the whole thing. If someone contacts the original author and gets license clarification (ideally BSD or public domain) on the script I'd be happy to include it in the ports and save that download. I think downloading nss is the right thing to do as it clearly delegates the trust issues to the Mozilla Project. -- Brooks
pgpCaQVS7S2AO.pgp
Description: PGP signature
