-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Am So den 30. Mär 2014 um 22:35 schrieb Michael Shuler: > Respectfully, at the end of the day, this bug report is a wishlist > request to include the CAcert root certificates in the > ca-certificates package. The CAcert root certificates were removed > in #718434.
No, this is a critical bug that is caused by a stupid removal of CAcert certificates. It breaks several systems that are not related directly to ca-certificates. I do not request to include them like a new certificate, I do request to fix the bug that was caused by removing it; so reinclude them! I read #718434 and I cannot find any reasonable reason therein to remove CAcert. This bug report is full of personal aversions of some people against CAcert. No proper reason is in there that gave a reason to remove CAcert but leave all other certificates in that package. > Users that wish to include local CA root certificates may wish to > read /usr/share/doc/ca-certificates/README.Debian for two methods to > accomplish this: drop them in /usr/local/share/ca-certificates/ and > run update-ca-certificates, or build a local .deb package using the > example in > /usr/share/doc/ca-certificates/examples/ca-certificates-local/. CAcert was in debian for ages. And it was a propper source for the certificate on all systems; also systems that has no direct relationship to systems that uses CAcert. CAcert was the only trustable certificate in ca-certificates. Removing this would render ca-certificates useless for everybody! And even more, it is now only a dangerous package that brings in certificates that cannot be trusted! So, yes, this is a critical bug! Regards Klaus - -- Klaus Ethgen http://www.ethgen.ch/ pub 4096R/4E20AF1C 2011-05-16 Klaus Ethgen <[email protected]> Fingerprint: 85D4 CA42 952C 949B 1753 62B3 79D0 B06F 4E20 AF1C -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQGcBAEBCgAGBQJTORVtAAoJEKZ8CrGAGfasc1YL/jvtG5WxIoHmokN5/gsx67ZU qVvTZq2JJDNENPrCCgykYAoGzKpGMBZRNFfz/0N7+K85OOjJjuT4KJMjJKCs41QQ qZM638RVICfOCGVamOTtIbwM6XhARDix2zJlR938qxsSfZBZaExlKzA04d1XmyYU hx0hgR5IIe6FBeMIpkgVcm5rt0bT5Udmmmlw6UoaGLqwCHmOi+tBhozjhc3x57So 82AKk1WgNDiy6Nn65sWZVKBp30t3pinwBvihBAISlQ1pg9k4TN7QAp/5NaDZ1RZw VFHznvUpvy/fYtWRmGS49l+FwGu/7KQfiFv9/2/PpaLZjRKs+7IR9AEbqSwKZ+iV ws3wLXDnbL1HJLx8YmkdL9urV4BZCp6r53e9otMksCSfa1s8+9NaTahdbwK7+rUI yaZ4m5FB5CvlFF6KG5DzkgOEQTP9aYkypzOSy61nKDF23PT1YeaxuXCQQGAr2QQa DlmByEj+/hIIGUs3j1DB3MDCJarsfsj1Ld3d5qMUtQ== =3ZKw -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
