On Fri, Mar 03, 2006 at 10:47:28PM +0100, Lars Bahner wrote: > On Fri, Mar 03, 2006 at 09:13:13PM +0100, Marc Haber wrote: > > /etc/pyca obviously has some files which seem to be Debianisms. The > > only configuration file mentioned in the upstream docs is > > openssl.conf, while /etc/pyca also having a bunch of "cacert_*.cnf" > > files. The information contained there seems like a duplication of > > what is already in openssl.cnf. > > > > The only mention of these files is in README.Debian, saying "you'll > > have to edit these files". > > These are just extra openssl.cnf's for different CA's. They are > documented in /usr/share/doc/openssl/doc/openssl.txt.gz in the openssl > package.
That file is ununderstandable for people who don't sleep with the X.509 standard under their pillow. Reading it was an utter waste of time. If they're unneeded for pyca and not documented in the pyca package, why do they ship with pyca? > If what you are looking for is a quick CA-solution you might want to > take a look at the tinyca - which is also a Debian package :) unstable's tinyca does not work at all (#354386), and I am not too fond about ca software with a GUI since this needs a at least remotely recent computer to run on. > PS. pyca is not maintained upstream, and is a bit outdated. I noticed that. Greetings Marc -- ----------------------------------------------------------------------------- Marc Haber | "I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things." Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
