cURL
Haxx ad
libcurl
Mailing Lists

curl's project page on SourceForge.net

Sponsors:
Haxx

cURL > Mailing List > Monthly Index > Single Mail

curl-tracker mailing list Archives

[ curl-Bugs-1889593 ] Update of ca-bundle

From: SourceForge.net <noreply_at_sourceforge.net>
Date: Fri, 08 Feb 2008 10:54:22 -0800

Bugs item #1889593, was opened at 2008-02-08 15:45
Message generated for change (Comment added) made by startcom
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=100976&aid=1889593&group_id=976

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: https
Group: bad behaviour
>Status: Open
Resolution: Duplicate
Priority: 5
Private: No
Submitted By: StartCom (startcom)
Assigned to: Daniel Stenberg (bagder)
Summary: Update of ca-bundle

Initial Comment:
I'm not sure why exactly the ca-bundle shipped with curl is from the year 2000, instead various resources are invested at the web site in order to explain how to get the ca-bundle updated. Would it be possible to ship this one instead with the default download?

http://curl.haxx.se/ca/cacert.pem

This file is about double the size compared to the one with the curl archive, meaning that most users of curl will have to update the ca-bundle in order to play nice. This is perhaps an unneeded step and confusing for many others which rely on shared hosting with no access to the relevant files.

----------------------------------------------------------------------

>Comment By: StartCom (startcom)
Date: 2008-02-08 20:54

Message:
Logged In: YES
user_id=1078132
Originator: YES

I was reading the other bugs. I can help straiten this out since I'm also
involved at Mozilla and/or could use other sources instead. First of all,
under which license did you obtain the current ca-bundle from Netscape?
Which license would you prefer (if at all).

CA certificates usually belong to the CAs and not to any party. Except a
few restricted ones, all CA certificates currently in use are published by
the CAs for consumption, hence I don't see a particular problem. If we can
solve the license issue you mentioned concerning Mozilla you could include
the extract tool into the build system, not requiring you to maintain the
ca-bundle at all.

----------------------------------------------------------------------

Comment By: Dan Fandrich (dfandrich)
Date: 2008-02-08 20:31

Message:
Logged In: YES
user_id=236775
Originator: NO

Duplicate of bug #1706732 and #1884844

----------------------------------------------------------------------

You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=100976&aid=1889593&group_id=976
Received on 2008-02-08

These mail archives are generated by hypermail.

donate! Page updated November 12, 2010.
web site info

File upload with ASP.NET