cacert icon indicating copy to clipboard operation
cacert copied to clipboard
verified publisher icon guardianproject

Consider publishing, or unpublishing, BKS store for use

Open commonsguy opened this issue 11 years ago • 1 comments

The project README indicates that the expected usage is to build your own BKS store. As I just pointed out in issue #9, the instructions may be missing a step for doing that.

However, I note that you have committed the output (stores/debiancacerts.bks) to the repo.

Is this a BKS file that we are supposed to use? If yes, what is the keystore password? Your sample code shows changeit, which seems suspiciously like a placeholder... :-)

If it is not something that we are supposed to use, you might consider removing it from the repo. That being said, I would encourage you to consider publishing a generated BKS file with a known password, perhaps in the Releases area. While being able to reproduce your work is great, at the end of the day, developers need the BKS store, more than they need the ability to generate the BKS store.

Thanks!

commonsguy avatar Mar 30 '14 13:03 commonsguy

The core mission of cacertman was to provide a way to remove untrusted CA certs from your device. Android has added that functionality as of 4.0, so this app is no longer really maintained. I supposed its good to have at the ready in case they remove that functionality from Android.

@n8fr8 would have to provide the details of the process since he wrote it.

.hc

On 03/30/2014 09:54 AM, Mark Murphy wrote:

The project README indicates that the expected usage is to build your own BKS store. As I just pointed out in issue #9, the instructions may be missing a step for doing that.

However, I note that you have committed the output (stores/debiancacerts.bks) to the repo.

Is this a BKS file that we are supposed to use? If yes, what is the keystore password? Your sample code shows changeit, which seems suspiciously like a placeholder... :-)

If it is not something that we are supposed to use, you might consider removing it from the repo. That being said, I would encourage you to consider publishing a generated BKS file with a known password, perhaps in the Releases area. While being able to reproduce your work is great, at the end of the day, developers need the BKS store, more than they need the ability to generate the BKS store.

Thanks!

Reply to this email directly or view it on GitHub: https://github.com/guardianproject/cacert/issues/10

PGP fingerprint: 5E61 C878 0F86 295C E17D 8677 9F0F E587 374B BE81

eighthave avatar Mar 31 '14 18:03 eighthave