also sprach Stephen Frost <email@example.com> [2006.11.01.1605 +0100]: > > The package allows the user to cherry-pick the certificates to > > enable anyway; why preselect? > > Because it's much more common for users to want at least some set > of certificates enabled on installation. Of course. But why not add other, common certificates, like CAcert Class 3, and let the user decide whether to trust them? Anyway, as others have said, this is another discussion. > common and required by some governments (like the US) when working > with sensitive information. There's not exactly *fun* but having > an external conflict-free entity performing an audit is generally > something I consider a good thing. I think it's definitely good to see WebTrust be a cooperation between US and Canadian accountants, but I am not sure whether this qualifies as "conflict-free" for me here in .ch. In the end, it's I who should decide whom I trust. But yeah, this is another matter which I'll take up after etch. > > Would you edit the files in /etc/alternatives with an editor? > > No, but you certainly might use 'cp' to overwrite them if you're > don't realize they're symlinks. I guess I've been doing Debian too long then. /etc/alternatives is not something to me to touch without update-alternatives, and that's the case even for Suse and Fedora. I guess I'll have to add /etc/ssl/certs to the list of things Debian does differently than the rest of the world. Anyway, thanks for the discussion. I don't think I heard a single argument for using symlinks, other than to save 440k of space in /etc. I don't see how that's a reason for standard installations these days. -- Please do not send copies of list mail to me; I read the list! .''`. martin f. krafft <firstname.lastname@example.org> : :' : proud Debian developer, author, administrator, and user `. `'` http://people.debian.org/~madduck - http://debiansystem.info `- Debian - when you have better things to do than fixing systems quantum mechanics: the dreams stuff is made of.
Description: Digital signature (GPG/PGP)