[Pkg-utopia-maintainers] Bug#543455: network-manager: default directory for CA certificates
Drew Parsons
dparsons at debian.org
Tue Aug 25 05:41:55 UTC 2009
Package: network-manager
Version: 0.7.1-2
Severity: normal
Some of the authentication schemes for WPA/WPA2 Enterprise (e.g.
PEAP,TLS) are intended to operate with a CA certificate. The
authentication dialog box has a CA Certificate entry for this. We can
click on it to find the required CA certificate file (it's not found
automatically).
Clicking to choose the file, the Choose A CA Certificate File dialog
box opens up to the user's home directory by default, as if the user
is supposed to have obtained the CA cert from somewhere and saved it
among their files. Is this the normally expected behaviour? I would
have thought it would be more common for networks to use the normal
public certificates of known CAs, such as those listed in
/etc/ssl/certs/ or /usr/share/ca-certificates/mozilla/. (For instance
at our institution we're instructed to select Thawte). By way of
comparison, the Windows WPA client used here lists all the available
CAs as part of the user interface (rather than asking for a file to be
located).
Would you consider having the Choose A CA Certificate File dialog
point to, say, /etc/ssl/certs/, by default rather than the user's home
directory? This would make it easier for users to see what to look
for, and thereby make it less likely that they'll click on "ignore" in
regards to the CA certificate, only to wonder why no connection is
being made.
Thanks,
Drew
-- System Information:
Debian Release: squeeze/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.30-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages network-manager depends on:
ii adduser 3.110 add and remove users and groups
ii dbus 1.2.16-2 simple interprocess messaging syst
ii dhcp3-client 3.1.2p1-1 DHCP client
ii hal 0.5.13-3 Hardware Abstraction Layer
ii ifupdown 0.6.8+nmu1 high level tools to configure netw
ii libc6 2.9-25 GNU C Library: Shared libraries
ii libdbus-1-3 1.2.16-2 simple interprocess messaging syst
ii libdbus-glib-1-2 0.82-1 simple interprocess messaging syst
ii libgcrypt11 1.4.4-3 LGPL Crypto library - runtime libr
ii libglib2.0-0 2.20.4-1 The GLib library of C routines
ii libgnutls26 2.8.3-2 the GNU TLS library - runtime libr
ii libgpg-error0 1.6-1 library for common error values an
ii libhal1 0.5.13-3 Hardware Abstraction Layer - share
ii libnl1 1.1-5 library for dealing with netlink s
ii libnm-glib0 0.7.1-2 network management framework (GLib
ii libnm-util1 0.7.1-2 network management framework (shar
ii libpolkit-dbus2 0.9-4 library for accessing PolicyKit vi
ii libpolkit2 0.9-4 library for accessing PolicyKit
ii libtasn1-3 2.3-1 Manage ASN.1 structures (runtime)
ii libudev0 0.141-2 libudev shared library
ii libuuid1 2.16-3 Universally Unique ID library
ii lsb-base 3.2-23 Linux Standard Base 3.2 init scrip
ii wpasupplicant 0.6.9-3 client support for WPA and WPA2 (I
ii zlib1g 1:1.2.3.3.dfsg-15 compression library - runtime
Versions of packages network-manager recommends:
ii dnsmasq-base 2.49-1 A small caching DNS proxy and DHCP
ii iptables 1.4.4-2 administration tools for packet fi
ii network-manager-gnome 0.7.1-1 network management framework (GNOM
ii policykit 0.9-4 framework for managing administrat
ii ppp 2.4.4rel-10.1 Point-to-Point Protocol (PPP) - da
Versions of packages network-manager suggests:
ii avahi-autoipd 0.6.25-1 Avahi IPv4LL network address confi
-- no debconf information
More information about the Pkg-utopia-maintainers
mailing list