Re: [RFR] templates://ca-certificates/{templates}
Christian Perrier wrote:
> Your review should be sent as an answer to this mail.
Changes to two lines:
> Template: ca-certificates/trust_new_crts
...
> - ask: prompt for each new CA certificates, or not.
Prompt or not?
- ask: prompt for each new CA certificate.
> Template: ca-certificates/enable_crts
...
> Please select the certificate authorities you trust so that they're
> installed into /etc/ssl/certs.They will be compiled in a single file
^space ^to
> named /etc/ssl/certs/ca-certificates.crt.
It would also be possible to avoid the dot-crt-dot by saying "a
single /etc/ssl/certs/ca-certificates.crt file", but that's not in
the patch.
--
JBR
Ankh kak! (Ancient Egyptian blessing)
--- ../ca-certificates.old/debian/templates 2007-02-02 06:23:19.000000000 +0000
+++ debian/templates 2007-06-23 14:36:42.000000000 +0100
@@ -2,28 +2,29 @@
Type: select
_Choices: yes, no, ask
Default: yes
-_Description: Trust new CAs certificates?
+_Description: Trust new certificate authorities' certificates?
This package may install new CA (Certificate Authority) certificates when
- upgrading. You may want to check such new CA certificates and select only
+ upgrading. You may want to check such new CA certificates and select only
certificates that you trust.
.
- - "yes", new CA certificates will be trusted and installed.
- - "no", new CA certificates will not be installed by default.
- - "ask", Ask if you trust each new CA certificates, or not.
+ - yes: new CA certificates will be trusted and installed;
+ - no : new CA certificates will not be installed by default;
+ - ask: prompt for each new CA certificate.
Template: ca-certificates/new_crts
Type: multiselect
_Choices: ${new_crts}
-_Description: Select new certificates to activate:
- During the upgrade, these new certificates will be added. Do you
- trust them and want them installed into /etc/ssl/certs?
+_Description: New certificates to activate:
+ During upgrades, new certificates will be added. Please choose
+ those you trust.
Template: ca-certificates/enable_crts
Type: multiselect
_Choices: ${enable_crts}
-_Description: Select certificates to activate:
+_Description: Certificates to activate:
This package installs common CA (Certificate Authority) certificates in
- /usr/share/ca-certificates. You can select certs from these available
- certs to be installed into /etc/ssl/certs. This package will make symlinks
- and generate a single file of all your selected certs,
- /etc/ssl/certs/ca-certificates.crt.
+ /usr/share/ca-certificates.
+ .
+ Please select the certificate authorities you trust so that they're
+ installed into /etc/ssl/certs. They will be compiled into a single file
+ named /etc/ssl/certs/ca-certificates.crt.
--- ../ca-certificates.old/debian/control 2007-03-04 05:23:48.000000000 +0000
+++ debian/control 2007-06-23 13:01:05.000000000 +0100
@@ -10,22 +10,23 @@
Architecture: all
Depends: openssl, ${misc:Depends}
Enhances: libssl0.9.8, openssl
-Description: Common CA Certificates PEM files
- It includes the followings PEM files of CA certificates
+Description: Common CA certificates
+ This package includes the followings PEM files of CA certificates:
.
- * spi-inc.org certificate
- * db.debian.org certificate
- * debconf.org certificate
- * Mozilla builtin CA certificates
- * CACert.org certificates
- * Brazilian Government Certificate
- * Signet CA certificates
- * QuoVadis CA certificates
+ - spi-inc.org
+ - db.debian.org
+ - debconf.org
+ - Mozilla builtin CAs
+ - CACert.orgs
+ - Brazilian government
+ - Signet
+ - QuoVadis
.
- This is useful for any openssl applications to verify
- SSL connection.
+ It allows SSL-based applications to check for the authenticity of
+ SSL connections.
.
- Note that certificate authorities whose certificates are included in
- this package are not in any way audited for trustworthiness and RFC
- 3647 compliance, and that full responsibility to assess them rests
- with the user.
+ Please note that certificate authorities whose certificates are
+ included in this package are not in any way audited for
+ trustworthiness and RFC 3647 compliance, and that full responsibility
+ to assess them belongs to the local system administrator.
+
Template: ca-certificates/trust_new_crts
Type: select
_Choices: yes, no, ask
Default: yes
_Description: Trust new certificate authorities' certificates?
This package may install new CA (Certificate Authority) certificates when
upgrading. You may want to check such new CA certificates and select only
certificates that you trust.
.
- yes: new CA certificates will be trusted and installed;
- no : new CA certificates will not be installed by default;
- ask: prompt for each new CA certificate.
Template: ca-certificates/new_crts
Type: multiselect
_Choices: ${new_crts}
_Description: New certificates to activate:
During upgrades, new certificates will be added. Please choose
those you trust.
Template: ca-certificates/enable_crts
Type: multiselect
_Choices: ${enable_crts}
_Description: Certificates to activate:
This package installs common CA (Certificate Authority) certificates in
/usr/share/ca-certificates.
.
Please select the certificate authorities you trust so that they're
installed into /etc/ssl/certs. They will be compiled into a single file
named /etc/ssl/certs/ca-certificates.crt.
Source: ca-certificates
Section: misc
Priority: optional
Maintainer: Fumitoshi UKAI <ukai@debian.or.jp>
Build-Depends: debhelper (>> 4.1.16), po-debconf
Build-Depends-Indep: ruby
Standards-Version: 3.5.9
Package: ca-certificates
Architecture: all
Depends: openssl, ${misc:Depends}
Enhances: libssl0.9.8, openssl
Description: Common CA certificates
This package includes the followings PEM files of CA certificates:
.
- spi-inc.org
- db.debian.org
- debconf.org
- Mozilla builtin CAs
- CACert.orgs
- Brazilian government
- Signet
- QuoVadis
.
It allows SSL-based applications to check for the authenticity of
SSL connections.
.
Please note that certificate authorities whose certificates are
included in this package are not in any way audited for
trustworthiness and RFC 3647 compliance, and that full responsibility
to assess them belongs to the local system administrator.
Reply to: