Should we include nss-certs out of the box?

From: Maxim Cournoyer
Subject: Should we include nss-certs out of the box?
Date: Wed, 03 Apr 2024 14:06:37 -0400


It's been Guix policy to let people choose whether or not to install TLS
root certificates on their machine, and which ones.  While I applaud the
idea to have the users make a conscious decision about it, in practice I
suppose very few of us choose to *not* install any as that basically
breaks using web browsers, especially ones like IceCat which (by
default) ensures HTTPS is used on every page.

It apparently even makes it impossible to run 'guix pull', if I am to
believe bug#62026.

Should we do as in bug#62026 and have this package be part of the
recommended basic installation?  It'd be in the basic set of an
operating-system's packages (via its default %base-packages set).  It
could still be manipulated via the Guix API (filtered out/replaced with
something else).

Is anyone opposed to having nss-certs in %base-packages?


