Hi Kai,
2018-06-12 16:55 GMT+03:00 Kai Engert :
>
> If a single CA list for both TLS and VPNs was used, and a user added a
> VPN's private CA to that shared list, it would technically enable the
> VPN operator to issue false certificates, and TLS clients like Firefox
> would then trust such false
On 06/01/18 08:39, Mikhail Zabaluev wrote:
> A question arose about a good choice of the default directory for
> trusted CA certificates over these proposed rpm PRs:
>
> https://src.fedoraproject.org/rpms/strongswan/pull-request/6
> https://src.fedoraproject.org/rpms/strongswan/pull-request/7
>
>
