On 03/13/2014 06:09 PM, Axel Beckert wrote: > The administrator of a machine can easily disable certificiates he > doesn't trust, but only if they are included in ca-certificates. > > So if it helps including CAcert's root certificates again in > ca-certificates, please include them, but disable them by default if > they're not up to some (IMHO questionable) inclusion policy. That way, > every user can securely download them via APT and enable them for the > whole system (and not only per browser) if wanted.
I agree with Axel's suggestion here.
--dkg
signature.asc
Description: OpenPGP digital signature
