On 07/03/14 16:16, Mark Felder: > if we do not make an effort to provide a default trust store why do we enforce verification by default? Well, there is a CA recognized trustworthy for the purpose of FreeBSD components download. It's a CA maintained by FreeBSD's security officer or other core commiter. I trust source codes under it's control already, so I can trust it's own CA that's verify such code transfers. Of course, such CA is not considered trusted for others purposes. It is acceptable to use pre-installed CA for the purpose of system maintenance, but it must not be used by any generic system utility/library by default. I mean that maintenance tools like portmaster, pkg or so may "trust" such default CA, but generic system tools like fetch or ftp as well as system libraries like libfetch must not considered a CA trusted without explicit administrators/users decision. Dan _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[email protected]"