On Wed, 05 Sep 2018 11:28:29 +0200, Florian Schlichting wrote: > * Chris Hofstaedtler <[email protected]> writes: > > OTOH, XML::Stream then defaults to verifying certificates, if TLS is > > on, but does not provide a default where to find any certificates. > > IMHO this is broken by default, and we should provide a default path > to commonly accepted certificates in Debian, i.e. /etc/ssl/certs (or > switch the default for ssl_verify to skip verification, but I think > that's not the Right Thing To Do.)
[..] > gregoa, would you agree that this is indeed something that should be > fixed in XML::Stream? You were handling the original bug against > libnet-xmpp-perl / sendxmpp and sounded rather cautious to fix this in > the library layers... First of all, sorry for not replying to Chris' mail (was on my TODO list and somehow slipped out of view in my debian-perl mail folder). To your question: I don't remember the details, just that I got a headache when vading through the different codebases :) It may well be that my assessment back then was sub-optimal, and if both Chris and you think that it makes more sense to fix this in XML::Stream, please, by all means, go ahead! Cheers, gregor -- .''`. https://info.comodo.priv.at -- Debian Developer https://www.debian.org : :' : OpenPGP fingerprint D1E1 316E 93A7 60A8 104D 85FA BB3A 6801 8649 AA06 `. `' Member VIBE!AT & SPI Inc. -- Supporter Free Software Foundation Europe `- NP: Bettina Wegner: napoleon und lysistra
signature.asc
Description: Digital Signature
