SSL is broken on FreeBSD
Chuck Swiger
cswiger at mac.com
Wed Apr 6 01:15:57 UTC 2011
On Apr 5, 2011, at 4:59 PM, Dan Lukes wrote:
> 2. Such link will affect all users of system. Decision "what CA is trustful" should remain personal decision, not the system administrator decision, by default. Installation of ca-root-nss should not hit all users of system automatically.
Well, that depends on who owns and manages the machine in question, and what it is being used for.
There are differences between your personal machine, for which you as an individual are welcome to make all of the decisions, and a managed box which is owned by a company which might have a specific PKI infrastructure which is needed for the machine to be usable for it's intended role.
Regards,
--
-Chuck
More information about the freebsd-security
mailing list