Shared System Certificates followup: Packaging Guidelines?
Adam Williamson
awilliam at redhat.com
Wed Jan 8 21:08:33 UTC 2014
On Wed, 2014-01-08 at 21:05 +0100, Kai Engert wrote:
> On Mi, 2014-01-08 at 10:03 -0800, Adam Williamson wrote:
> > > > which one of those 11 files, exactly, should we have packages use when?
> > > > When I came up against this situation recently I threw a dart and
> > > > picked /etc/pki/tls/certs/ca-bundle.crt , but I'm hardly certain.
> > >
> > > The manual page explains which files are intended for which purpose, and
> > > also mentions the availability of a smarter pkcs#11 module for
> > > applications that are able to use it.
> > >
> > > $ rpm -ql ca-certificates |grep -w man
> > > /usr/share/man/man8/update-ca-trust.8.gz
> > > $ man update-ca-trust
> >
> > Thanks. It would probably be useful to have a guidelines section about
> > this, as it wasn't at all obvious.
>
> Are you suggesting a guidelines section in the manual page, or somewhere
> else?
In the Fedora packaging guidelines (and perhaps package review
guidelines too), a section explaining what to do with packages that
bundle CA certs.
--
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Twitter: AdamW_Fedora | XMPP: adamw AT happyassassin . net
http://www.happyassassin.net
More information about the devel
mailing list