From kde-core-devel Mon Jul 25 00:10:56 2011 From: Thiago Macieira Date: Mon, 25 Jul 2011 00:10:56 +0000 To: kde-core-devel Subject: Re: Go Daddy root certificates Message-Id: <15807729.UWKmvXBfO0 () doriath> X-MARC-Message: https://marc.info/?l=kde-core-devel&m=131155284131448 MIME-Version: 1 Content-Type: multipart/mixed; boundary="--nextPart11929096.cvV6qFPNx6" --nextPart11929096.cvV6qFPNx6 Content-Transfer-Encoding: 7Bit Content-Type: text/plain; charset="us-ascii" On Sunday, 24 de July de 2011 14:51:34 Gary Greene wrote: > On Jul 23, 2011, at 10:33 AM, Martin Koller wrote: > > Hi, > > > > can anyone answer the case https://bugs.kde.org/show_bug.cgi?id=277319 , > > please ? > Honestly, I really wish that Mozilla/KDE/Google/Wget/ has their own root certificate store here> would get together on fdo and > create a common project that the root certificates could be aggregated at > instead of each project doing it themselves... The answer is: STOP distributing our own certificates. Rely on Qt's support, which also doesn't distribute certificates. The burden then falls on the system integrator (the distros), which will select a root CA package that they feel confident about. They're also the ones who can roll out security updates directly to the users. We can't. -- Thiago Macieira - thiago (AT) macieira.info - thiago (AT) kde.org PGP/GPG: 0x6EF45358; fingerprint: E067 918B B660 DBD1 105C 966C 33F5 F005 6EF4 5358 --nextPart11929096.cvV6qFPNx6 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iD8DBQBOLLSQM/XwBW70U1gRApo7AJ4iloxYcQugvQ+nHM+ILNa5UdXACwCgk2ic Uvn0iH73CEIsivyWjnmg8uQ= =MPjb -----END PGP SIGNATURE----- --nextPart11929096.cvV6qFPNx6--