On Sat, 30 Sep 2017, Emmanuel Bourg wrote: > Are you suggesting that we should drop ca-certificates-java and just > rely on the root certificates from OpenJDK instead? I would welcome this > simplification, the certificates in OpenJDK are frequently updated > anyway, and that would improve the consistency with the Oracle JDK.
IMHO consistency within Debian is *much* more important. I would be seriously fucked off if I could connect to a host using something like wget but not a Java™ application, after installing the custom CA into /etc/ssl/certs or similar, or even with the defaults. bye, //mirabilos -- tarent solutions GmbH Rochusstraße 2-4, D-53123 Bonn • http://www.tarent.de/ Tel: +49 228 54881-393 • Fax: +49 228 54881-235 HRB 5168 (AG Bonn) • USt-ID (VAT): DE122264941 Geschäftsführer: Dr. Stefan Barth, Kai Ebenrett, Boris Esser, Alexander Steeg