[arch-dev-public] Rethinking our CA certificate setup
bisson at archlinux.org
Sun Aug 24 06:06:04 EDT 2014
[2014-08-24 11:47:56 +0200] Jan Alexander Steffens:
> - Ship the update-ca-certificates script in a ca-certificates-utils
> package, which the certificate packages depend on
> - ca-certificates becomes a metapackage depending on the -mozilla and
> -cacert packages
So we'd have three ca-certificates-* packages?
If this is this only to allow users to remove the bundles (mozilla or
cacert) they do not trust, then couldn't we instead just keep everything
in one package; simply putting the files
in the backup array would allow anyone to override them, so disabling a
bundle would also be super easy...
Other than the fragmentation of packages (my new pet gripe), your plan
More information about the arch-dev-public