On 2 July 2014 17:26, Dan Lukes <[email protected]> wrote: > On 07/03/14 01:45, Xin Li: > >> 1. Import a set of trusted root certificates > > > > Question is imminent ... > > Trusted by whom ?
IMHO, it is sane to follow the same policy that Mozilla follows and to use their root store by default. > If I consider a CA to be trustworthy, I will insert it's certificate to > trusted store. No one is welcomed to make such decision in behalf of me. So remove or edit the defaults. As for #4: I'm not sure I like the port touching the base system (even with an option) but I don't see a real alternative. -- Eitan Adler _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-gecko To unsubscribe, send any mail to "[email protected]"
