Bug#530532: Policy violation
On 25 Sep 2011, at 20:06, Philipp Kern <firstname.lastname@example.org> wrote:
> You can actually recompile them to ship with your own certs. But you
> cannot quote non-existent configuration files not being in /etc as a
> reason for a policy violation and hence upgrade it to serious, sorry.
> Kind regards
> Philipp Kern
Ok, so there's probably not such a thing as a bug in open source software, because you can just fix it and compile it yourself.
I know that it's a question of opinion and that it's probably never going to be fixed, but I strongly disagree with you: this is a big issue. It's not Debian's fault, I know that, but if you want Debian to be consistent, you can't have certificate bundles everywhere in the system. The recent DigiNotar issue proves it again: you guys had to upload a shitload of packages just to remove one single CA, sometimes with several days of interval.
I find it ridiculous, unsafe and messy. In my opinion it should be addressed and would definitely make Debian a better system.
I acknowledge you are really doing a good job with Debian, so I don't mean to be rude...