Control: reopen -1
Control: tag -1 +pending
Le mercredi, 1 septembre 2021, 22.40:57 h CEST Roger Lynn a écrit :
> On 27/08/2021 14:33, Didier 'OdyX' Raboud wrote:> Control: tags -1 +wontfix
>
> > Using Let's Encrypt is fine, allowed, and (apparently) working with CUPS,
> > but as that's clearly not a default way of working for CUPS, I'd be
> > _very_ reluctant to allow CUPS to access "all the Let's Encrypt
> > certificates" on all systems it gets installed to. Furthermore,
> > /etc/apparmor.d/usr.sbin.cupsd is a configuration file, freely
> > modifiable by the local system administrator. In other words, imposing
> > that a local system administrator needs to update that file to enable a
> > specific type of certificates is reasonable.
>
> CUPS appears to already have access to everything in /etc/ssl/ on all
> systems, which is where I used to keep my CAcert certificates. This doesn't
> feel any different.
You're absolutely right; that's convincing to me!
Reopening, and will fix in the next upload.
--
OdyXAttachment:
signature.asc
Description: This is a digitally signed message part.