On Sun, Mar 20, 2011 at 09:26:07PM +0000, Nicholas Bamber wrote: > Mozilla::CA provides a copy of Mozilla's bundle of Certificate Authority > certificates in a form that can be consumed by modules and libraries > based on > OpenSSL.
I don't think this should be packaged. Debian already offers a certificate store provided by the ca-certificates package in /etc/ssl/certs, in a form that can be consumed by modules and libraries based on OpenSSL. If this is required as a dependency, the depending package should be patched (possibly to support more than a single CA) or this package should only be a stub to the Mozilla CA in ca-certificates. In the case of LWP::UserAgent, setting SSL_ca_file to /etc/ssl/certs/ca-certificates.crt or SSL_ca_path to /etc/ssl/certs should work. Then it will support all certificates the local administrator has enabled.
signature.asc
Description: Digital signature