Root certificate in source tree placement
Ethan Blanton
elb at pidgin.im
Mon Aug 13 10:17:34 EDT 2007
Ka-Hing Cheung spake unto us the following wisdom:
> Is it really necessary for pidgin to install its own set of root
> certificates? On debian systems, they are already available
> in /usr/share/ca-certificates . I think it would be better if we can
> offload the burden of updating those certificates to distributions.
Yes, I believe it is desirable, the same as it is desirable for
Mozilla et al. William and I have discussed this already, and the
plan is to ship with some (minimal) set of certificates, and provide
configure-time options for locating distribution-wide certificates if
desired. Not only can we not count on distributions having a
system-wide stash at *all* (particularly given that we run on ancient
distributions), but every distribution has their own, different plan
for locating and installing certificates. We feel it is best to
install a minimal set to /usr/share/purple (or whatever), perhaps
unless asked not to, and to support a --with-ca-store= type configure
switch for using the distro-supplied list when available.
Ethan
--
The laws that forbid the carrying of arms are laws [that have no remedy
for evils]. They disarm only those who are neither inclined nor
determined to commit crimes.
-- Cesare Beccaria, "On Crimes and Punishments", 1764
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <http://pidgin.im/pipermail/devel/attachments/20070813/23be6a9b/attachment.sig>
More information about the Devel
mailing list