From owner-freebsd-ports-bugs@FreeBSD.ORG  Thu Nov 24 07:00:35 2005
Return-Path: <owner-freebsd-ports-bugs@FreeBSD.ORG>
X-Original-To: freebsd-ports-bugs@hub.freebsd.org
Delivered-To: freebsd-ports-bugs@hub.freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 9002616A459
	for <freebsd-ports-bugs@hub.freebsd.org>;
	Thu, 24 Nov 2005 07:00:35 +0000 (GMT)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21])
	by mx1.FreeBSD.org (Postfix) with ESMTP id B6E4A43D70
	for <freebsd-ports-bugs@hub.freebsd.org>;
	Thu, 24 Nov 2005 07:00:07 +0000 (GMT)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1])
	by freefall.freebsd.org (8.13.3/8.13.3) with ESMTP id jAO7079L002795
	for <freebsd-ports-bugs@freefall.freebsd.org>;
	Thu, 24 Nov 2005 07:00:07 GMT
	(envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.13.3/8.13.1/Submit) id jAO707OV002790;
	Thu, 24 Nov 2005 07:00:07 GMT (envelope-from gnats)
Resent-Date: Thu, 24 Nov 2005 07:00:07 GMT
Resent-Message-Id: <200511240700.jAO707OV002790@freefall.freebsd.org>
Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer)
Resent-To: freebsd-ports-bugs@FreeBSD.org
Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, PeterJeremy@optushome.com.au
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 81F1916A41F
	for <FreeBSD-gnats-submit@freebsd.org>;
	Thu, 24 Nov 2005 06:51:41 +0000 (GMT)
	(envelope-from peterjeremy@optushome.com.au)
Received: from mail28.syd.optusnet.com.au (mail28.syd.optusnet.com.au
	[211.29.133.169])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 9B7B143D78
	for <FreeBSD-gnats-submit@freebsd.org>;
	Thu, 24 Nov 2005 06:51:02 +0000 (GMT)
	(envelope-from peterjeremy@optushome.com.au)
Received: from server.vk2pj.dyndns.org
	(c220-239-19-236.belrs4.nsw.optusnet.com.au [220.239.19.236])
	by mail28.syd.optusnet.com.au (8.12.11/8.12.11) with ESMTP id
	jAO6omSe016299
	(version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO);
	Thu, 24 Nov 2005 17:50:48 +1100
Received: from server.vk2pj.dyndns.org (localhost.vk2pj.dyndns.org [127.0.0.1])
	by server.vk2pj.dyndns.org (8.13.4/8.13.4) with ESMTP id jAO6omLd044061;
	Thu, 24 Nov 2005 17:50:48 +1100 (EST)
	(envelope-from peter@server.vk2pj.dyndns.org)
Received: (from peter@localhost)
	by server.vk2pj.dyndns.org (8.13.4/8.13.1/Submit) id jAO6olt0044060;
	Thu, 24 Nov 2005 17:50:47 +1100 (EST) (envelope-from peter)
Message-Id: <200511240650.jAO6olt0044060@server.vk2pj.dyndns.org>
Date: Thu, 24 Nov 2005 17:50:47 +1100 (EST)
From: PeterJeremy@optushome.com.au
To: FreeBSD-gnats-submit@FreeBSD.org
X-Send-Pr-Version: 3.113
Cc: PeterJeremy@optushome.com.au
Subject: ports/89483: Request to add CAcert.org keys to security/ca-roots
X-BeenThere: freebsd-ports-bugs@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: PeterJeremy@optushome.com.au
List-Id: Ports bug reports <freebsd-ports-bugs.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports-bugs>, 
	<mailto:freebsd-ports-bugs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ports-bugs>
List-Post: <mailto:freebsd-ports-bugs@freebsd.org>
List-Help: <mailto:freebsd-ports-bugs-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports-bugs>, 
	<mailto:freebsd-ports-bugs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 24 Nov 2005 07:00:36 -0000


>Number:         89483
>Category:       ports
>Synopsis:       Request to add CAcert.org keys to security/ca-roots
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Thu Nov 24 07:00:07 GMT 2005
>Closed-Date:
>Last-Modified:
>Originator:     Peter Jeremy
>Release:        FreeBSD 7.0-CURRENT i386
>Organization:
n/a
>Environment:
System: FreeBSD server.vk2pj.dyndns.org 7.0-CURRENT FreeBSD 7.0-CURRENT #13: Mon Nov 14 19:37:17 EST 2005 root@server.vk2pj.dyndns.org:/var/obj/k7/usr/src/sys/server i386

>Description:
	security/ca-roots provides a X.509 root certificate database.
	To quite CAcert's website (www.cacert.org):
	"CAcert.org is a community driven, Certificate Authority that issues
	 certificates to the public at large for free."
	CAcert's aim meshes well with FreeBSD's aims and that including
	CAcert's root certificates in FreeBSD would benefit both projects.

	CAcert has its root certificates included in Debian, Knoppix 3.8,
	Gentoo, MirBSD, CentOS 4 and the Nokia 770.  Negotiations are
	underway with Mozilla, Grml and Fedora.

	Disclaimer:
	My only interest in CAcert.org is as a validated assurer.

>How-To-Repeat:
	grep -y cacert /usr/ports/security/ca-roots/files/ca-root.crt
>Fix:
	Import CAcert.org's root certificates from
	http://www.cacert.org/certs/class3.crt
	http://www.cacert.org/certs/root.crt
	(authenticating these certificates is left as an exercise for
	the reader :-)
>Release-Note:
>Audit-Trail:
>Unformatted: