3
edits
Talk:Thunderbird:Home: Difference between revisions
Added TLS/SSL Cert Store discussion
No edit summary |
(Added TLS/SSL Cert Store discussion) |
||
| Line 88: | Line 88: | ||
Figure 1: http://www.flickr.com/photos/34337875@N02/3194799979/ | Figure 1: http://www.flickr.com/photos/34337875@N02/3194799979/ | ||
Figure 2: http://www.flickr.com/photos/34337875@N02/3195722740/ | Figure 2: http://www.flickr.com/photos/34337875@N02/3195722740/ | ||
== Use OS TLS/SSL Certificate Store instead of local store == | |||
Thunderbird (and Firefox) should use the Operating System's SSL Certificate repository instead of a local store. There is no reason to store the same information twice and integration with the OS makes system administration much easier. | |||
For example, a sysadmin should be able to distribute a self-signed CA cert to all the hosts she manages and not worry about Thunderbird having the cert or not. | |||
For Linux look in (the path should be configurable) by default: | |||
debian/ubuntu: /etc/ssl/certs/ | |||
redhat/centos: /usr/share/ssl/certs/ | |||
(see what other big distros use) | |||
At the very least, if a local store isn't going away, there should be an unattended way of adding a cert such that all Thundebird users on a host have the cert installed. | |||