[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: ca-certificate-java/openjdk installation issues

On Wed, 22 Feb 2023, Vladimir Petko wrote:

>in sync. A possible scenario is CA being revoked, which results in an

That’s why I was suggesting to keep it down to manually vetted
relevant ones.

But if that’s unpalatable (do talk to the security people!),
ship an empty JKS keystore by default. The JKS keystore will
have no nōn-Java users, and soon as the JRE is there it’ll
be regenerated.

This all won’t make bookworm any more either, so no need to
be hasty.

bye,
//mirabilos
-- 
Infrastrukturexperte • tarent solutions GmbH
Am Dickobskreuz 10, D-53121 Bonn • http://www.tarent.de/
Telephon +49 228 54881-393 • Fax: +49 228 54881-235
HRB AG Bonn 5168 • USt-ID (VAT): DE122264941
Geschäftsführer: Dr. Stefan Barth, Kai Ebenrett, Boris Esser, Alexander Steeg

                        ****************************************************
/⁀\ The UTF-8 Ribbon
╲ ╱ Campaign against      Mit dem tarent-Newsletter nichts mehr verpassen:
 ╳  HTML eMail! Also,     https://www.tarent.de/newsletter
╱ ╲ header encryption!
                        ****************************************************
Reply to: