[2014-08-24 11:47:56 +0200] Jan Alexander Steffens:
- Ship the update-ca-certificates script in a ca-certificates-utils package, which the certificate packages depend on - ca-certificates becomes a metapackage depending on the -mozilla and -cacert packages
So we'd have three ca-certificates-* packages? If this is this only to allow users to remove the bundles (mozilla or cacert) they do not trust, then couldn't we instead just keep everything in one package; simply putting the files /etc/ca-certificates/conf.d/{mozilla,cacert}.conf in the backup array would allow anyone to override them, so disabling a bundle would also be super easy... Other than the fragmentation of packages (my new pet gripe), your plan sounds great! Cheers. -- Gaetan