Am Montag 02 Juni 2008 02:43:19 schrieb Dan McGee:
Is this maybe even core/support material?
I am still undecided how to handle this. We have several options: 1) Make ca-certificates a depend of openssl. This will restore the behaviour before the openssl project removed their own certs. Those packages using their own bundle (like curl) should be update to use this one instead. 2) Add this package as a dependency to browser and other appy which use openssl 3) Don't do anything and put it as an optional package into extra As I said I have no strong oppinion about this. Maybe option 1 would be the best because it does not change the current behaviour too much and browsers wouldn't complain about untrusted certs when the new openssl package is moved to core. Pierre -- archlinux.de