From Fedora Project Wiki
No edit summary |
No edit summary |
||
| Line 6: | Line 6: | ||
The purpose of this page is to document and explain changes that Fedora applies on top of the upstream project. | The purpose of this page is to document and explain changes that Fedora applies on top of the upstream project. | ||
Starting with version 2.1 of the package, the set of certificates trusted by default differs from the upstream project, for compatibility reasons. | |||
Certain CA certificates are kept trusted, in order to ensure compatibility for software that cannot automatically find alternative trust chains, such as OpenSSL. See also this tracking bug: https://bugzilla.redhat.com/show_bug.cgi?id=1166614 | |||
Revision as of 13:30, 21 November 2014
This is the home page for the ca-certificates.rpm package included in Fedora. It contains the set of CA certificates chosen by the Mozilla Foundation for use with the Internet PKI.
For the upstream project, see:
- https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/
- https://lists.mozilla.org/listinfo/dev-security-policy
The purpose of this page is to document and explain changes that Fedora applies on top of the upstream project.
Starting with version 2.1 of the package, the set of certificates trusted by default differs from the upstream project, for compatibility reasons.
Certain CA certificates are kept trusted, in order to ensure compatibility for software that cannot automatically find alternative trust chains, such as OpenSSL. See also this tracking bug: https://bugzilla.redhat.com/show_bug.cgi?id=1166614