Re: Can security/ca_root_nss be retired?
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Fri, 20 Jan 2023 08:33:20 UTC
> /usr/share/certs Was never necessary. Should not have been added. >> trust store > list of trusted CAs People are fools if they think they can "trust" any of those. Including a live cert store in base does little but endorse exposure of users to such external risks. Users before at least had to read and actively choose to enable footshooting, now apparently the teaching is that blindly placing trust upon untrustable external third parties is the right thing to do. There are lots of MITM enabling random adversaries in that "trust" store, and its issues have been in the news multiple times already. However users choose to disable and manage their own stores, some of their models for doing that obviously might include making use of data elements held within a current port of the upstream stores. Other users have other projects and apps that need it for other reasons as well. So retiring ca_root_nss would be anti-helpful for them, and thus retiring it is definitely not suggested. Nor do other unix retire this either. -- https://odysee.com/@Anarchast:2 https://duckduckgo.com/?ia=videos&iax=videos&q=voluntaryism https://duckduckgo.com/?ia=videos&iax=videos&q=cryptocurrency https://bitchute.com/ https://rumble.com/