[arch-dev-public] [signoff] curl 7.22.0-2
Jan de Groot
jan at jgc.homeip.net
Tue Sep 27 17:30:54 EDT 2011
On di, 2011-09-27 at 08:37 -0400, Dave Reisner wrote:
> Hi all,
> I dropped a new curl in testing a few days ago with only one real
> change. It now builds and uses its own cacert bundle which is dropped in
> /etc/ssl/certs/ca-bundle.crt. This is similar to the ca-certificates
> bundle, but taken directly from Mozilla and processed with an in tree
> perl script.
> With this, the ca-certificates dep is of course removed. I don't expect
> any regressions, but please dig up your curl/https powered apps and make
> sure they still work.
What's the purpose of this? The whole reasoning behind ca-certificates
is to have a central certificate store. Remember that the
ca-certificates package as maintained by debian originates from NSS, so
basically these contain the same certificates.
IMHO this is a big -1 from my side.
More information about the arch-dev-public