On Fri, June 14, 2013 16:46, Martin Geisler wrote: > Package: ca-certificates > Version: 20130119 > Severity: wishlist > > I feel this part of the package description is ackward: > > Please note that Debian can neither confirm nor deny whether the > certificate authorities whose certificates are included in this > package have in any way been audited[...] > > I think the "can neither confirm nor deny" part should read "cannot > promise" or "cannot guarantee" or similar. > > The point is that Debian doesn't know if the CAs have been audited, > not that Debian refuses to comment on the subject.
Does it? Debian *could* know if it would spend lots of time to investigate each certificate. Debian chooses not to spend that time. Or am I mistaken? Cheers, Thijs -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
