From owner-cvs-ports@FreeBSD.ORG  Thu Jun  7 19:45:30 2007
Return-Path: <owner-cvs-ports@FreeBSD.ORG>
X-Original-To: cvs-ports@FreeBSD.org
Delivered-To: cvs-ports@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 18F6A16A46B;
	Thu,  7 Jun 2007 19:45:30 +0000 (UTC)
	(envelope-from simon@zaphod.nitro.dk)
Received: from mx.nitro.dk (zarniwoop.nitro.dk [83.92.207.38])
	by mx1.freebsd.org (Postfix) with ESMTP id C52C313C46A;
	Thu,  7 Jun 2007 19:45:29 +0000 (UTC)
	(envelope-from simon@zaphod.nitro.dk)
Received: from zaphod.nitro.dk (unknown [192.168.3.39])
	by mx.nitro.dk (Postfix) with ESMTP id 4CBF22D4F63;
	Thu,  7 Jun 2007 19:45:28 +0000 (UTC)
Received: by zaphod.nitro.dk (Postfix, from userid 3000)
	id 3BC2911457; Thu,  7 Jun 2007 21:45:28 +0200 (CEST)
Date: Thu, 7 Jun 2007 21:45:28 +0200
From: "Simon L. Nielsen" <simon@FreeBSD.org>
To: ports-committers@FreeBSD.org, cvs-ports@FreeBSD.org,
	cvs-all@FreeBSD.org
Message-ID: <20070607194527.GB1193@zaphod.nitro.dk>
References: <200706071941.l57JfFNw026347@repoman.freebsd.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <200706071941.l57JfFNw026347@repoman.freebsd.org>
User-Agent: Mutt/1.5.15 (2007-04-06)
Cc: 
Subject: Re: cvs commit: ports/security/ca-roots Makefile
X-BeenThere: cvs-ports@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: CVS commit messages for the ports tree <cvs-ports.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-ports>,
	<mailto:cvs-ports-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/cvs-ports>
List-Post: <mailto:cvs-ports@freebsd.org>
List-Help: <mailto:cvs-ports-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-ports>,
	<mailto:cvs-ports-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 07 Jun 2007 19:45:30 -0000

On 2007.06.07 19:41:15 +0000, Simon L. Nielsen wrote:
> simon       2007-06-07 19:41:15 UTC
> 
>   FreeBSD ports repository
> 
>   Modified files:
>     security/ca-roots    Makefile 
>   Log:
>   Deprecated and set one month expiration since it's not supported by
>   the FreeBSD Security Officer anymore.
>   
>   The current ca-roots port makes promises with regard to CA verification
>   which the current Security Officer (and deputy) do not want to make.

brooks@ has a new port which has a list of CA's (I think he said it
was extracted on-the-fly from OpenSSL but I can't recall for sure),
which will should be committed soonish.  This will not be a direct
replacement for ca-roots wrt. guarantees of the CA's, but can probably
be used in most cases where ca-roots is used today.

-- 
Simon L. Nielsen