On 10/08/2010 19:14, [email protected] wrote:
> On Tue, Aug 10, 2010 at 06:56:14PM +0100, Darren J Moffat wrote:
>> On 10/08/2010 18:48, [email protected] wrote:
>>> A follow on question: is there any legitimate use case where the
>>> client wouldn't want to verify the peer's certificate? Prior to this
>>> change, if no CA directory was present, the client wouldn't bother to
>>> try to verify the server's certificate. If we allow the user to specify
>>> a CA directory, should setting the CA directory to None allow the client
>>> to forgo the peer verification? (For the record, the current webrev
>>> always has the client verifying the peer).
>>
>> Libraries like libcurl allow for that, but outside of a testing
>> environment I can't see a real need for it. What should work though
>> is the server providing a self-signed cert or a cert chain ending in
>> a self-signed cert - without the nonsense UI that Firefox 3.x puts
>> you through (that doesn't actually help security and just further
>> trains users to click through).
>
> This works as long as the self-signed cert is in the CA directory. I'm
> assuming that's sufficient for this case, no?

Yes it is.

>> It is easy enough to build your own install images now with the
>> distro constructor so even if your pkg repos are running with a cert
>> signed by a CA not in the ca-certificates package you can still
>> work.
>
> Could you clarify what you mean here? At first I thought you were
> suggesting that we accept a CA that's not in the trusted CA directory,
> but I don't think that's what you mean.

I'm suggesting that if one is building a distro that needs a default
publisher that uses SSL, that isn't using a cert signed by a CA cert,
then one can use distro constructor to build that install image and
include that CA cert in the directory.

--
Darren J Moffat
_______________________________________________
pkg-discuss mailing list
[email protected]
http://mail.opensolaris.org/mailman/listinfo/pkg-discuss
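
The policy this thread arrives at (the client always verifies the peer, and a self-signed server cert is trusted only by being present in the CA directory) can be sketched as follows. This is an added Python example, not code from the webrev or from pkg(5); `make_client_context` and its `ca_dir` parameter are hypothetical names. It also checks for OpenSSL's hash-named file layout, which a CA directory needs before lookups in it can succeed.

```python
import os
import re
import ssl

# OpenSSL finds certificates in a CA directory by subject-name hash, so
# usable entries are named like "9d66eef0.0". The hash for a certificate
# is printed by: openssl x509 -hash -noout -in cert.pem
_HASHED_NAME = re.compile(r"^[0-9a-f]{8}\.\d+$")


def make_client_context(ca_dir=None):
    """Return a TLS client context that always verifies the peer.

    ca_dir=None means "use the platform default trust store"; it never
    means "skip verification". (Hypothetical helper for illustration.)
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    # PROTOCOL_TLS_CLIENT already enables both settings; they are set
    # explicitly so a later edit cannot silently weaken them.
    ctx.check_hostname = True
    ctx.verify_mode = ssl.CERT_REQUIRED

    if ca_dir is None:
        ctx.load_default_certs()
        return ctx

    if not os.path.isdir(ca_dir):
        raise ValueError("CA directory does not exist: %s" % ca_dir)
    # A self-signed cert copied in without its hash-named link is never
    # found at handshake time, so fail early instead of at connect time.
    if not any(_HASHED_NAME.match(name) for name in os.listdir(ca_dir)):
        raise ValueError("no hash-named certificates in %s" % ca_dir)
    ctx.load_verify_locations(capath=ca_dir)
    return ctx


if __name__ == "__main__":
    # No CA directory given: default trust store, verification still on.
    ctx = make_client_context()
    print(ctx.verify_mode, ctx.check_hostname)
```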