Hi! > > You will not see this if you install the security/ca_root_nss port.
> Why is security/ca_root_nss not present in base? There are several reasons: - The project is hesistant to endorse certificate authorities (CAs), as some of them might be (or become) of questionable trust-worthyness during the lifetime of a release and adding/changing all or some to base would add workload to decide which ones to include or to exclude. - The amount of work to cut a new release or a patch for a release is large. If you look at the update frequency for the port: https://www.freshports.org/security/ca_root_nss/ it would burden the project with base updates just for the CAs. - Some suggested that the FreeBSD project should operate its own CA and issue certs for project sites and include the CA into base. Running and securing a CA is not a simple endeavour so we hesitated to do so. > I mean, on a brand new install, one goes to update the sources, and just > the sources. And this error is issued? > > I think it looks bad. Do you agree? Yes, we all agree that it looks bad, but we have not yet found a simple, workable solution. Yes, it was discussed many times in the past. -- [email protected] +49 171 3101372 2 years to go ! _______________________________________________ [email protected] mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[email protected]"
