Dear all, On http://www.linuxfromscratch.org/blfs/view/svn/postlfs/cacerts.html you indicate to download CA Certificates from: http://mxr.mozilla.org/mozilla/source/security/nss/lib/ckfw/builtins/certdata.txt?raw=1
However, on the "mxr frontpage" http://mxr.mozilla.org/ the branch "Mozilla CVS" http://mxr.mozilla.org/mozilla/ is described as follows: QUOTE This contains the entire current CVS repository. For Gecko, XULRunner, and Firefox, CVS trunk is no longer the trunk, and is instead used for Gecko 1.9 / Firefox 3 and the 1.9.0.* / 3.0.* security releases. UNQUOTE So I would like to suggest that alternative sources may be described a well. See e.g. http://kaarpux.kaarposoft.dk/packages/c/certdata.html#certificates_from_mozilla (You are more that welcome to link to this page, if you find it appropriate). We are not the only ones struggling to figure out which branch to use. See e.g. the thread started here: http://curl.haxx.se/mail/archive-2013-12/0033.html The integrity of the certdata.txt file is essential, so I would also like to suggest that 1) you download from https://hg.mozilla.org/... 2) you include a sha256 checksum for the file. /Henrik PS: I have some problems with my subscription, so please CC me on any replies. -- http://linuxfromscratch.org/mailman/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page