cURL / Mailing Lists / curl-library / Single Mail


Re: Using libcurl/SSL with in-core certificate - solved

From: Dan Fandrich <>
Date: Thu, 1 Sep 2005 13:38:31 -0700

On Thu, Sep 01, 2005 at 03:39:04PM +0200, Daniel Stenberg wrote:
> On Thu, 1 Sep 2005, theo borm wrote:
> >So what are we talking about - basically the forces of politics and lots
> >of money at work. I symphatize with you for not wanting to become tied up
> >too much in these areas.
> I wouldn't mind being one member in a CA cert *team*, sorting these things
> out, but I certainly have no intentions of heading such a task or team. For
> the reasons you so clearly describe.
> >If you want 1) to be sorted out I will gladly volunteer to send a polite
> >email to the CA's listed in popular browsers and see what response I get.
> >As to the second issue: my opinion (users should inform themselve) is not
> >very helpfull.
> If you by this mean CA certs that other browsers have but we don't provide
> in our CA bundle, then I am indeed interested in getting this help.

Surely, other public projects have encountered exactly the same problem
and have solved them somehow. It seems to me that effort spent now
in solving this problem would be most efficiently spent in investigating
one of those projects (whether Mozilla or others) with a reasonable
philosophy of cert inclusion (including the licensing issues), and simply
reusing their bundle. Effort spent up front in this would, if successful,
save lots of ongoing effort in adding and updating certs.

>>> Dan

--              The web change of address service
          Let webmasters know that your web site has moved
Received on 2005-09-01