On Fri, Apr 11, 2014 at 12:41:40PM -0400, "David Prévot" wrote: > Hi, > > > Package: xul-ext-https-everywhere > > Version: 3.4.5-1 > > Severity: important > > > > With CACert removed from the Debian default certificates, it no longer > > makes sense to enable the CACert-dependent rules in https-everywhere. > > As an additional data-point: there are ongoing discussions (e.g., #741561) > about adding back CACert to ca-certificates or another package.
It seems highly unlikely that CACert will return to ca-certificates, barring its wider acceptance elsewhere, which won't happen in the near future. And if it shows up in a separate package, it should still remain disabled by default in https-everywhere. If in the future CACert returns to ca-certificates, https-everywhere can re-enable the CACert-dependent rules at that time. Meanwhile, having them enabled breaks browsing to sites that use CACert certificates, requiring the user to manually disable each rule as they encounter certificate warnings. - Josh Triplett -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]

