cacerts bundled with OpenJDK
henri.gomez at gmail.com
Fri Jun 1 07:20:44 UTC 2012
> Disclaimer that I haven't read the thread to which you're referring.
> I think a key difference between Mozilla and OpenJDK is that Mozilla
> distributes packaged products to end users whereas OpenJDK is a
> collaboration of platform providers at the source code level. Whereas
> cacerts are fundamentally a packaged product thing, and not entirely
> necessary, and fundamentally tied to whoever is distributing the binary, I
> don't think it would or should apply. Whereas Mozilla is shipping product
> almost exclusively to end users in the form of Firefox, Thunderbird, etc,
> then I can understand why they would maintain certs with the products.
Providing a default cacerts in OpenJDK with a set of well-known ROOT
CAs would help packagers avoiding duplicate works on all
I guess there is some packagers here, at least Andrew Hughes, what do
you think about this ?
More information about the discuss