Hi, On 3 September 2013 08:05, Charles Davis <[email protected]> wrote: > On behalf of the Wine community, I'd like to request that the USERTrust Group > (now COMODO)'s USERFirst Object Root CA (UTN-USERFirst-Object) be added to > the ca-certificates collection. This root CA is used to sign intermediate CAs > for code signing, including COMODO's Code Signing CAs, which were used to > sign at least one application that a user attempted to run in Wine (cf. > http://bugs.winehq.org/show_bug.cgi?id=34388 ).
It is missing from the installed package because it is not trusted (but not untrusted either) by mozilla for neither use of it as server or email purposes. It is only trusted for code signing. I know /etc/ssl/certs has become the canonical place and most stuff looks there, but in this case the certificate is only trusted for code signing. No trust decision has been made beyond that, and by enabling it by default would be a trust decision from Debian. It' might be worth considering another directory where code signing certificates are stored (rather: symlinked). Thijs, Michael: thoughts? Cheers, -- Raphael Geissert - Debian Developer www.debian.org - get.debian.net -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
