Re: SSL is broken on FreeBSD
--Qxx1br4bt0+wmkIi
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Fri, Apr 01, 2011 at 03:33:15PM +0100, Istv=E1n wrote:
>=20
> FreeBSD ships OpenSSL but it is broken because there is no CA. Right,
> it is like shipping a car without wheels, I suppose.
Err . . . now. SSL isn't broken, any more than vi is broken just because
it doesn't ship with text files for you to edit. It would be more like
shipping a car without giving you a list of roads on which the
manufacturer suggests you use it.
>=20
> Is there a reason to do this?
I don't know. Maybe the guys who made that decision thought that users
should be able to make their own decisions about who to trust, rather
than relying on Verisign to make that decision for them. I'm just
speculating wildly -- I actually have no idea.
--=20
Chad Perrin [ original content licensed OWL: http://owl.apotheon.org ]
--Qxx1br4bt0+wmkIi
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (FreeBSD)
iEYEARECAAYFAk2V8CwACgkQ9mn/Pj01uKW7qgCdEfAXQPBGGqw0hZ7qYW7B4ZXV
JL0An2qRBQ52LqT2WWbo56RNjXWBBOcy
=3hU6
-----END PGP SIGNATURE-----
--Qxx1br4bt0+wmkIi--
討論串 (同標題文章)
完整討論串 (本文為第 6 之 42 篇):