> Date: Sun, 20 Aug 2023 05:43:23 +0200
> From: Jan Danielsson
>
> My objection in the past has been along the line of: If an
> organization is not willing to keep a CA bundle up-to-date for a user,
> then it should not dump a CA bundle that may grow stale onto their
> system either. But
On 2023-08-19 18:51, Taylor R Campbell wrote:
TL;DR -- I propose to:
- Ship Mozilla's root CA certificates in base.
- Have ftp(1) and pkg_add(1) use them for TLS validation by default.
- Provide ways for you to persistently:
. exclude individual CA certificates,
. add to or change the root
On Sat, Aug 12, 2023 at 11:58:36AM +, Taylor R Campbell wrote:
> What should system(3) do when the signal action for SIGCHLD is
> SIG_IGN, or has SA_NOCLDWAIT set?
> [...]
My suggestion would be invent a new working mechanism for disowning
children and banish the mess to COMPAT_POSIX_MISTAK
