Xin Li wrote this message on Wed, Jul 02, 2014 at 16:45 -0700:
> 1. Import a set of trusted root certificates, and install if
> MK_OPENSSL is yes, to /usr/share/misc/ca-root-freebsd.pem;
My only comment on this is that we (committers) or -core needs to decide
how certs are added/removed... If it's mirror mozzila's cert repo, then
that's fine, but if we don't have a policy, what will we do when other
CA's contact someone at FreeBSD wanting to get their cert included by
default?
--
John-Mark Gurney Voice: +1 415 225 5579
"All that I will do, has been done, All that I have, has not."
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscr...@freebsd.org"
