[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Should we include nss-certs out of the box?
|
From: |
Maxim Cournoyer |
|
Subject: |
Re: Should we include nss-certs out of the box? |
|
Date: |
Thu, 25 Apr 2024 11:35:59 -0400 |
|
User-agent: |
Gnus/5.13 (Gnus v5.13) |
Hello!
Clément Lassieur <clement@lassieur.org> writes:
> On Wed, Apr 03 2024, Maxim Cournoyer wrote:
>
>> It's been Guix policy to let people choose whether to install or not TLS
>> root certificates and which one to their machine. While I applaud the
>> idea to have the users make a conscious decision about it, in practice I
>> suppose very few of us choose to *not* install any as that basically
>> breaks using web browsers, especially ones like IceCat which (by
>> default) ensures HTTPS is used on every page.
>
> I'd be surprised Icecat breaks from this as it uses its own cert
> database and allows HTTP when HTTPS doesn't work.
I didn't know Icecat had its own cert database.
About allowing HTTP, it can access pages using it, but not without going
through a "Continue despite security risks" dialog, and perhaps turning
off the HTTPS everywhere add-on for the page, which is installed by
default.
--
Thanks,
Maxim
- Should we include nss-certs out of the box?, Maxim Cournoyer, 2024/04/03
- Re: Should we include nss-certs out of the box?, Ryan Prior, 2024/04/03
- Re: Should we include nss-certs out of the box?, Felix Lechner, 2024/04/03
- Re: Should we include nss-certs out of the box?, Jan Wielkiewicz, 2024/04/05
- Re: Should we include nss-certs out of the box?, Richard Sent, 2024/04/08
- Re: Should we include nss-certs out of the box?, Ludovic Courtès, 2024/04/10
- Re: Should we include nss-certs out of the box?, Clément Lassieur, 2024/04/23
- Re: Should we include nss-certs out of the box?,
Maxim Cournoyer <=