Hi dwmw2, thank you for your bug report and your help to make Ubuntu better.
I beg a pardon as I'm clearly not an expert on this particular area, but I try to sort out the details of this bug report to understand what has to be done. Currently I understand this as feature request to make update-ca- certificates (almost?) all certificate users in one shot. The current default config doesn't do that Thanks for pointing out the links and background to this. The answer on this thread is what I think the current state is http://superuser.com/questions/437330/how-do-you-add-a-certificate-authority-ca-to-ubuntu and I understand and agree that to get this as "one shot accept this CA" is a valid feature-request-bug. I happened to find various similar/related on other projects like firefox for example: https://bugzilla.mozilla.org/show_bug.cgi?id=620373 https://bugzilla.mozilla.org/show_bug.cgi?id=449498 https://bugzilla.mozilla.org/show_bug.cgi?id=454036 There might be more for others, but it seems to fix the whole thing a Distribution would need to modify all consuming packages to agree on sort of a shared path and mechanism. Ok, so far I was just trying to wrap my head around this a bit, I guess the next step clearly is the security Teams position on this in general - so I subscribe them for a statement. Maybe they also know on past or existing approaches to this. ** Bug watch added: Mozilla Bugzilla #620373 https://bugzilla.mozilla.org/show_bug.cgi?id=620373 ** Bug watch added: Mozilla Bugzilla #449498 https://bugzilla.mozilla.org/show_bug.cgi?id=449498 ** Bug watch added: Mozilla Bugzilla #454036 https://bugzilla.mozilla.org/show_bug.cgi?id=454036 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1647285 Title: SSL trust not system-wide To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/1647285/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
