[Pidgin] #15485: problems with the curernt way to specify trusted X.509 certs
Pidgin
trac at pidgin.im
Sun Jan 27 18:12:30 EST 2013
#15485: problems with the curernt way to specify trusted X.509 certs
----------------------+-------------------------
Reporter: calestyo | Owner:
Type: defect | Status: closed
Milestone: | Component: libpurple
Version: 2.10.6 | Resolution: worksforme
Keywords: |
----------------------+-------------------------
Comment (by calestyo):
I knew that (should have probably mentioned it),... but the problem with
this is, that the trusted certs cannot easily be changed, even for the
sysadmin, without recompiling the package.
And IMHO, it's often a good idea _not_ to use the system-provided root-
cert store; this one is typically used by all kinds of applications, and
contains more or less all the wide-spread CAs, which makes sense for e.g.
wget, but for something like pidgin it's more likely that you know in
advance which servers/certs you'll be talking to.
So it would be nice, if one could narrow down the trusted certs (without
recompilation) to one's needs.
And my proposal would have allowed just this.
So please reconsider it perhaps.
Cheers,
Chris.
--
Ticket URL: <https://developer.pidgin.im/ticket/15485#comment:2>
Pidgin <http://pidgin.im>
Pidgin
More information about the Tracker
mailing list