Using system SSL certificates...
Thiago Macieira
thiago at kde.org
Fri Jan 29 13:30:37 GMT 2010
Em Sexta-feira 29 Janeiro 2010, às 14:04:06, Pierre Schmitz escreveu:
> > I've already made a script to do that. Actually, a Qt program.
> >
> > I'll probably update Qt's certificate list with the Firefox ones for the
> > next Qt version.
> >
> > So all KDE has to do is stop overriding Qt's default certificate bundle.
>
> I would appreciate if KDE and Qt would use the system wide cert bundle
> (optionally configurable at build time).
The only thing that's holding me back in updating the Qt certificates is to
decide whether keeping expired certificates is a good thing.
There are 81 certificates in Qt's bundle. One of them is repeated, so 80 are
unique.
However, from those 80, 8 have expired already.
Of the 72 non-expired, unique certificates in Qt, 48 are *not* in the Firefox
certificate store. But when the remainder of the Firefox ones are added, the
total increases to 120.
--
Thiago Macieira - thiago (AT) macieira.info - thiago (AT) kde.org
Senior Product Manager - Nokia, Qt Development Frameworks
PGP/GPG: 0x6EF45358; fingerprint:
E067 918B B660 DBD1 105C 966C 33F5 F005 6EF4 5358
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 190 bytes
Desc: This is a digitally signed message part.
URL: <http://mail.kde.org/pipermail/kde-core-devel/attachments/20100129/e99470ce/attachment.sig>
More information about the kde-core-devel
mailing list