James Westby schrieb:
On (03/07/06 23:34), Petter Reinholdtsen wrote:
[Jaldhar H. Vyas]
Is this is a good idea for Debian? I think it is but it doesn't make
sense to switch dovecot over unless all the other ssl-cert using
packages also do it. Is this possible in the etch timeframe?
Yes, it is a good idea to make the SSL certificate handling in Debian
packages more consistent. In Debian-Edu, we install and automatically
configure several services with SSL certiciates, like imap, ldap and
webmin, and it is a pain to handle all the ways SSL-certificates are
generated. :)
So, as this proposal seemed to provoke a response that was somewhere
between non-caring and enthusiastic I thought I would look in to the
possibility of doing this.
An estimate of the pacakages that generate a certificate in postinst
(lets hope there are none that include them in the package) I tried:
$ grep-available -FDepends openssl -sPackage -n | sort
apache-ssl
apache2-common
ca-certificates
courier-imap-ssl
courier-ssl
dovecot-common
dsniff
ejabberd
exim-tls
freeswan
ftpd-ssl
httping
ipopd
libapache-mod-ssl
libmultisync-plugin-syncml
nessusd
openoffice.org-core
partimage-server
python-pyopenssl
ssl-cert
ssleay
sslwrap
stone-ssl
stunnel
stunnel4
telnetd-ssl
tinyca
ultrapossum-tls
usermin
uw-imapd
webmin
Well there are a number of packages out there that can use X509 Certs
but don't do so now as per default for example lighttpd.
racoon seems to be missing as well but it doesn't look to be in good
shape (in testing) anyway.
I'd like to help but I'm not a DD.
greets Uwe
--
http://www.x-tec.de
http://www.highspeed-firewall.de
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
