On Sun, 25 May 2014, Joerg Jaspert wrote:
severity 747617 important
severity 730828 important
merge 747617 730828
thanks
Hi
(honestly, this debconf abuse should be severity grave, its really
annoying, it breaks upgrades (waiting for the admin, setting debconf
priority > low is not a solution))
just now had an upgrade 1:2.2.12-3 -> 1:2.2.13~rc1-1, but this goes back
all time to when this had been introduced, and it asked about moving the
certs multiple times.
I do think that
db_set dovecot-core/create-ssl-cert false
that lines must go away. Or the whole logic rewritten to only ever run
if the certs really got created by dovecot (and even then its
questionable that one has to annoy the admin more than once)
I had hoped that the debconf questions would mean you are only asked once
(an annoyance yes, but just a small one) but you and others are reporting
that you get asked multiple times. I can see that that would be very
annoying. So given the amount of heartache this thing is giving our
users, I am now inclined to get rid of the cert creation stuff altogether.
The only thing that gives me pause is what dkg wrote in #608719. If this
is a valid concern, then as it is our (ok my :-) fault the cert is
was in the wrong place, would merely documenting the need for a move in
README.Debian be sufficient in your opinion?
In general, with all the government and corporate spying going on I would
like our mail packages to be as secure as possible out of the box. After
all that's why I for one am running my own mail server rather than just
using gmail etc. But if it is too difficult to do cert handling correctly
and to everyones satisfaction than yes lets remove it.
--
Jaldhar H. Vyas <jald...@debian.org>
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
