Ben Creasy created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1742
I think there is an emerging convention to look to `/usr/etc` for package-provided default configuration and `/etc/` for local administrator overrides - see https://en.opensuse.org/openSUSE:Packaging_UsrEtc Obviously there's no requirement to fall back to `/usr/etc` but it can be a convenience for users to make it more clear to where they've overridden package defaults. With no `/etc/crypto-policies` I see this: ``` ➜ sudo mv /etc/{crypto-policies,crypto-policies2} [sudo] password for ben: ben in dotfiles on master [$!?] took 2s ➜ GNUTLS_DEBUG_LEVEL=3 gnutls-cli --priority "SYSTEM" --print-cert raw.githubusercontent.com:443 2>&1 | head -20 gnutls[2]: Enabled GnuTLS 3.8.10 logging... gnutls[2]: getrandom random generator was selected gnutls[2]: Intel SSSE3 was detected gnutls[2]: Intel AES accelerator was detected gnutls[2]: Intel GCM accelerator (AVX) was detected gnutls[2]: cfg: unable to access: /etc/crypto-policies/back-ends/gnutls.config: 2 Syntax error at: SYSTEM Processed 388 CA certificate(s). Resolving 'raw.githubusercontent.com:443'... Connecting to '185.199.111.133:443'... ``` -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1742 You're receiving this email because of your account on gitlab.com.
_______________________________________________ Gnutls-devel mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnutls-devel
