ports/89483: Request to add CAcert.org keys to security/ca-roots
PeterJeremy at optushome.com.au
PeterJeremy at optushome.com.au
Thu Nov 24 07:00:36 UTC 2005
>Number: 89483
>Category: ports
>Synopsis: Request to add CAcert.org keys to security/ca-roots
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Thu Nov 24 07:00:07 GMT 2005
>Closed-Date:
>Last-Modified:
>Originator: Peter Jeremy
>Release: FreeBSD 7.0-CURRENT i386
>Organization:
n/a
>Environment:
System: FreeBSD server.vk2pj.dyndns.org 7.0-CURRENT FreeBSD 7.0-CURRENT #13: Mon Nov 14 19:37:17 EST 2005 root at server.vk2pj.dyndns.org:/var/obj/k7/usr/src/sys/server i386
>Description:
security/ca-roots provides a X.509 root certificate database.
To quite CAcert's website (www.cacert.org):
"CAcert.org is a community driven, Certificate Authority that issues
certificates to the public at large for free."
CAcert's aim meshes well with FreeBSD's aims and that including
CAcert's root certificates in FreeBSD would benefit both projects.
CAcert has its root certificates included in Debian, Knoppix 3.8,
Gentoo, MirBSD, CentOS 4 and the Nokia 770. Negotiations are
underway with Mozilla, Grml and Fedora.
Disclaimer:
My only interest in CAcert.org is as a validated assurer.
>How-To-Repeat:
grep -y cacert /usr/ports/security/ca-roots/files/ca-root.crt
>Fix:
Import CAcert.org's root certificates from
http://www.cacert.org/certs/class3.crt
http://www.cacert.org/certs/root.crt
(authenticating these certificates is left as an exercise for
the reader :-)
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list