Re: Shipping SSL certificates in the base system

2017-07-02 Thread Greg Troxel
Benny Siegert writes: > The question of root certificates for OpenSSL in base came up recently > in pkgsrc. That got me thinking: why does NetBSD not come with a set > of certificates in the base system? The set that mozilla-rootcerts > delivers would be a reasonable thing to put there, because

Re: Shipping SSL certificates in the base system

2017-07-02 Thread Jan Danielsson
On 07/03/17 03:01, David Holland wrote: > On Mon, Jul 03, 2017 at 12:56:38AM +, Emmanuel Dreyfus wrote: > > On Mon, Jul 03, 2017 at 12:45:17AM +0200, Joerg Sonnenberger wrote: > > > The only problem I see is that outdated timezone data doesn't > > > necessarily have a real world impact. Outd

Re: randomness (crypto?) code example wanted please?

2017-07-02 Thread David Holland
On Sun, Jun 25, 2017 at 03:28:59PM +0200, Kamil Rytarowski wrote: > On 25.06.2017 14:06, Martin Husemann wrote: > > You can also read random bytes from /dev/urandom. > > Right this is the most portable solution right now. I don't think > RANDOM_BITS or similar is currently useful, it will gro

Re: Shipping SSL certificates in the base system

2017-07-02 Thread David Holland
On Mon, Jul 03, 2017 at 12:56:38AM +, Emmanuel Dreyfus wrote: > On Mon, Jul 03, 2017 at 12:45:17AM +0200, Joerg Sonnenberger wrote: > > The only problem I see is that outdated timezone data doesn't > > necessarily have a real world impact. Outdated root CAs can. > > Most of the time, outd

Re: Shipping SSL certificates in the base system

2017-07-02 Thread Emmanuel Dreyfus
On Mon, Jul 03, 2017 at 12:45:17AM +0200, Joerg Sonnenberger wrote: > The only problem I see is that outdated timezone data doesn't > necessarily have a real world impact. Outdated root CAs can. Most of the time, outdated things in a system are dangerous. Known security vulnerabilities accumulate

Re: Shipping SSL certificates in the base system

2017-07-02 Thread Joerg Sonnenberger
On Sun, Jul 02, 2017 at 05:27:06PM +0100, Benny Siegert wrote: > agc made the argument that including certificates is similar to > including time zone data, which we do. We do not tell users to install > a package to use non-UTC timezones, for instance. The only problem I see is that outdated time

Shipping SSL certificates in the base system

2017-07-02 Thread Benny Siegert
The question of root certificates for OpenSSL in base came up recently in pkgsrc. That got me thinking: why does NetBSD not come with a set of certificates in the base system? The set that mozilla-rootcerts delivers would be a reasonable thing to put there, because (a) that’s what literally eve