Re: Managing SSL certificates

2005-10-17 Thread Pierre THIERRY
sean finney wrote on 16/10/2005 at 11:00: > also, i think extreme care should be taken wrt these ssl certificates. > i don't think they should be blindly purged at package removal (or > probably even package purge) time, without getting permission from the > local admin. I think that this SSL

Re: Managing SSL certificates

2005-10-17 Thread Marc Haber
On Sat, 15 Oct 2005 15:35:40 +0200, Peter Palfrader <[EMAIL PROTECTED]> wrote: >I think better than yet another complex system to handle reference >counts and stuff all packages should by default just be configured to >use /the/ host certificate. > >That is, have all packages that need ssl certs de

Re: Managing SSL certificates

2005-10-17 Thread Olaf van der Spek
On 10/16/05, sean finney <[EMAIL PROTECTED]> wrote: > On Sun, Oct 16, 2005 at 03:59:17PM +0200, Wouter Verhelst wrote: > > Such a tool would be very nice, and not just because of the cruft they > > leave behind -- many packages currently support SSL connections; some > > automatically generate a se

Re: Managing SSL certificates

2005-10-16 Thread Wouter Verhelst
On Sun, Oct 16, 2005 at 11:00:53AM -0400, sean finney wrote: > On Sun, Oct 16, 2005 at 03:59:17PM +0200, Wouter Verhelst wrote: > > Such a tool would be very nice, and not just because of the cruft they > > leave behind -- many packages currently support SSL connections; some > > automatically gene

Re: Managing SSL certificates

2005-10-16 Thread sean finney
On Sun, Oct 16, 2005 at 03:59:17PM +0200, Wouter Verhelst wrote: > Such a tool would be very nice, and not just because of the cruft they > leave behind -- many packages currently support SSL connections; some > automatically generate a self-signed certificate upon installation, > others leave that

Re: Managing SSL certificates

2005-10-16 Thread Wouter Verhelst
On Sat, Oct 15, 2005 at 03:10:50PM +0300, Lars Wirzenius wrote: > With my testing of packages in etch with piuparts[1], I occasionally run > into a problem that occurs in many packages in the same way. One such > problem is the creation and deletion of SSL certificates for various > services (imaps

Re: Managing SSL certificates

2005-10-15 Thread Peter Palfrader
On Sat, 15 Oct 2005, Steve Langasek wrote: > On Sat, Oct 15, 2005 at 03:35:40PM +0200, Peter Palfrader wrote: > > > There aren't that many good reasons for having one cert per service > > anyway, > > Preserving isolated security contexts for each service without having to > make the private key

Re: Managing SSL certificates

2005-10-15 Thread Steve Langasek
On Sat, Oct 15, 2005 at 03:35:40PM +0200, Peter Palfrader wrote: > There aren't that many good reasons for having one cert per service > anyway, Preserving isolated security contexts for each service without having to make the private key readable to all local users? -- Steve Langasek

Re: Managing SSL certificates

2005-10-15 Thread Olaf van der Spek
On 10/15/05, Thomas Viehmann <[EMAIL PROTECTED]> wrote: > Olaf van der Spek wrote: > > On 10/15/05, Peter Palfrader <[EMAIL PROTECTED]> wrote: > >>We can't know all the names that people will use to refer to your > >>server, so this is one of the cases where you have to do stuff manually > >>anyway

Re: Managing SSL certificates

2005-10-15 Thread Thomas Viehmann
Olaf van der Spek wrote: > On 10/15/05, Peter Palfrader <[EMAIL PROTECTED]> wrote: >>We can't know all the names that people will use to refer to your >>server, so this is one of the cases where you have to do stuff manually >>anyway. > AFAIK there's an extension to HTTP to allow multiple TLS vhos

Re: Managing SSL certificates

2005-10-15 Thread Olaf van der Spek
On 10/15/05, Peter Palfrader <[EMAIL PROTECTED]> wrote: > On Sat, 15 Oct 2005, Steinar H. Gunderson wrote: > > > On Sat, Oct 15, 2005 at 03:35:40PM +0200, Peter Palfrader wrote: > > > There aren't that many good reasons for having one cert per service > > > anyway > > > > ...except that if you have

Re: Managing SSL certificates

2005-10-15 Thread Peter Palfrader
On Sat, 15 Oct 2005, Steinar H. Gunderson wrote: > On Sat, Oct 15, 2005 at 03:35:40PM +0200, Peter Palfrader wrote: > > There aren't that many good reasons for having one cert per service > > anyway > > ...except that if you have a certificate for hostname.domain.com and your > users connect to (

Re: Managing SSL certificates

2005-10-15 Thread Steinar H. Gunderson
On Sat, Oct 15, 2005 at 03:35:40PM +0200, Peter Palfrader wrote: > There aren't that many good reasons for having one cert per service > anyway ...except that if you have a certificate for hostname.domain.com and your users connect to (say) imap.domain.com, they would get a warning dialog box? /*

Re: Managing SSL certificates

2005-10-15 Thread Peter Palfrader
On Sat, 15 Oct 2005, Lars Wirzenius wrote: > My suggestion would be to create a tool to manage installation and > removal of certificates. Something like this: > > update-ssl-certificate --create package servicename > update-ssl-certificate --remove package servicename I think be