Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. Summary: Review Request: csync2 - A cluster synchronization tool https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=223633 ------- Additional Comments From wolfy@xxxxxxxxxxxxxxxxxx 2007-01-24 18:09 EST ------- I am sorry, but I definitely MUST veto the inclusion of certificates in the binary rpm. The reason is that this would lead to each and every computer where the rpm is installed to have the very same certificates. Which kind of defeats the whole purpose of certificates. If you want to help the users, you could use for instance one of the following approaches: a) - extract the certificate generation part from the Makefile included in sources and save it as a separate mkcert.sh - install this file as a %doc - document it in the README.FEDORA file I have suggested in comment #7 b) - generate the certificates in %post Personally I believe that the first approach is better, allowing for the admins to have the certificates generated only if they feel like needing them. You could take a look at mod_ssl and dovecot. The first one includes the directories where Apache SSL certificates are to be stored, as well as the scripts needed to generate the certificates, but does not include the certificates themselves. In addition a set of sample certificates are generated at install time. A cleaner approach (in my opinion...) is used by dovecot which includes a dovecot-openssl.cnf file (in /etc/pki) and a mkcert.sh script (included as doc/sample). -- Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the QA contact for the bug, or are watching the QA contact. _______________________________________________ Fedora-package-review mailing list Fedora-package-review@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-package-review