develooper Front page | perl.perl5.porters | Postings from June 2022

Re: Pre-RFC: support https out-of-the-box

Thread Previous | Thread Next
From:
Craig A. Berry
Date:
June 15, 2022 22:22
Subject:
Re: Pre-RFC: support https out-of-the-box
Message ID:
CA+vYcVx_dYvXCFQQJhg9r6RkgDfiwWnTbQpmG54oyCZyvPP-1w@mail.gmail.com
On Wed, Jun 15, 2022 at 2:23 AM Alexander Hartmaier
<alex.hartmaier@gmail.com> wrote:
>
> On Tue, Jun 14, 2022 at 6:18 PM Elvin Aslanov <rwp.primary@gmail.com> wrote:
>>
>> yeah but `cpan Mozilla::CA` isn't hard to do to update the module and it won't break with newer Perl versions as well since it's just plaintext non-code certificates bundle
>
>
> I'd prefer if the stack used the OS trusted CAs by default instead of having its own list.
> This should only be the default and overrideable for private CA use-cases.

But that is a *massively* more difficult portability problem than just
"where do I find OpenSSL or LibreSSL?".  Do you know where the OS
trusted CAs are for every platform and distribution on which Perl
runs? Or if there even is such a thing as an "OS trusted CA" on all of
them?  Or what format they are in?  Or whether they even exist on the
filesystem or are in some proprietary data store?

Thread Previous | Thread Next


nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About