Please do not reply directly to this email. All additional comments should be made in the comments box of this bug. Summary: perl-Mozilla-CA: stop shipping own certificate bundle https://bugzilla.redhat.com/show_bug.cgi?id=738383 Summary: perl-Mozilla-CA: stop shipping own certificate bundle Product: Fedora Version: rawhide Platform: Unspecified OS/Version: Unspecified Status: NEW Severity: high Priority: medium Component: perl-Mozilla-CA AssignedTo: ppisar@xxxxxxxxxx ReportedBy: thoger@xxxxxxxxxx QAContact: extras-qa@xxxxxxxxxxxxxxxxx CC: fedora-perl-devel-list@xxxxxxxxxx, mmaslano@xxxxxxxxxx, ppisar@xxxxxxxxxx Classification: Fedora Story Points: --- Type: --- Description of problem: perl-Mozilla-CA comes with certificate bundle generated from nss/mozilla certdata.txt. It's the same source that is used to build ca-bundle.crt form ca-certificates. We should not duplicate those bundles, as that makes it more difficult to deal with updates when some CA needs to be removed (think of recent DigiNotar). Additionally, Mozilla-CA upstream is not currently generating their bundle correctly and are adding certs that are flagged as untrusted in nss/mozilla: https://rt.cpan.org/Public/Bug/Display.html?id=70967 We should really consider making perl-Mozilla-CA require ca-certificates and use that bundle instead. -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug. -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/perl-devel
