[Freeipa-devel] [freeipa PR#506][comment] added ssl verification
tiran
freeipa-github-notification at redhat.com
Fri Feb 24 10:35:41 UTC 2017
URL: https://github.com/freeipa/freeipa/pull/506
Title: #506: added ssl verification
tiran commented:
"""
Please change the title of the commit, too. It's implies that we did not verify certs in the past.
In the future please don't call the system trust store a random collection of CAs. It's diminishing and vilifying the hard work of the security team to provide a secure selection of CA certs. This change is purely an attempt to harden IPA and use the same selection of CAs everywhere.
"""
See the full comment at https://github.com/freeipa/freeipa/pull/506#issuecomment-282259839
More information about the Freeipa-devel
mailing list