PS: Ideally, I still think it would be optimal if gnutls used a per-user environment variable, in the spirit of liberating users and not system administrators. I will enquire. But for the time being, the global specification looks better than nothing. When I have some time, I will try to look into how to package certificates of certification authorities. Putting individual certificates into /etc/ssl/certs (and running c_rehash before installation) should make them usable by gnutls and openssl alike.
PPS: Once the new gnutls is pushed, I would like to also try an update of openssl in a wip branch.