home *** CD-ROM | disk | FTP | other *** search
- The Debian Package “ca-certificates”
- ----------------------------------
-
- This package includes PEM files of CA certificates to allow SSL-based
- applications to check for the authenticity of SSL connections.
-
- Please note that certificate authorities whose certificates are included
- in this package are not in any way audited for trustworthiness and RFC
- 3647 compliance, and that full responsibility to assess them belongs to
- the local system administrator.
-
- The CA certificates contained in this package are installed into
- “/usr/share/ca-certificates”.
-
- The configuration file “/etc/ca-certificates.conf” is seeded with
- trust information through Debconf. Just call “dpkg-reconfigure
- ca-certificates” to adjust the settings.
-
- “update-ca-certificates” will then update “/etc/ssl/certs” which may be
- used by the web browsers in Debian. It will also generate the hash
- symlinks and generate a single-file version in
- “/etc/ssl/certs/ca-certificates.crt”.
-
-
- How certificates will be accepted into the ca-certificates package
- ------------------------------------------------------------------
-
- Option 1:
- - File a *GPG-signed* bug report against ca-certificates with
- *severity normal*. The bug report must include an attached
- copy of the PEM certificates of the CA, a link to and a
- description of the CA, the licence of the CA certificate
- and signed fingerprint and/or hash values of the certificate.
- - Get two or three recommendations from other people to the
- bug report, GPG-signed (preferably from the strong set).
- - CA certificates will not be accepted if requested by only
- one person.
-
- Option 2:
- - Get it included into Mozilla's trust store.
- - File a bug against ca-certificates stating this fact.
-
-
