Quoting Daniel Pocock (2015-08-02 18:49:16) > On 02/08/15 17:44, Christoph Anton Mitterer wrote: >> - Would be yet another location of privacy leak in Debian, where the >> system automatically calls "home" to some more commercial than >> community organisations. > > This would not be automatic. It would at least have to prompt people, > "do you want to configure your SSL web server manually or do you want > this postinst script to help you?". If people are running dpkg > without showing questions of priority medium or low, it may leave SSL > unconfigured for that package, so no privacy leak occurs. I believe current logic of ssl-cert is to have services use self-signed "Snakeoil" certificate if left to itself - not leave services with broken¹ TLS configuration Other than that I agree with both of you :-) - Jonas ¹ Yes, some may argue that use of self-signed certificate _is_ broken but that's beside the point here: Some may argue same about any and all debconf defaults, e.g. the hostname being "debian" :-P -- * Jonas Smedegaard - idealist & Internet-arkitekt * Tlf.: +45 40843136 Website: http://dr.jones.dk/ [x] quote me freely [ ] ask before reusing [ ] keep private
Attachment:
signature.asc
Description: signature