[Pkg-utopia-maintainers] Bug#543455: network-manager: default directory for CA certificates

Drew Parsons dparsons at debian.org
Tue Aug 25 05:41:55 UTC 2009


Package: network-manager
Version: 0.7.1-2
Severity: normal

Some of the authentication schemes for WPA/WPA2 Enterprise (e.g.
PEAP,TLS) are intended to operate with a CA certificate.  The
authentication dialog box has a CA Certificate entry for this.  We can
click on it to find the required CA certificate file (it's not found
automatically).

Clicking to choose the file, the Choose A CA Certificate File dialog
box opens up to the user's home directory by default, as if the user
is supposed to have obtained the CA cert from somewhere and saved it
among their files. Is this the normally expected behaviour?  I would
have thought it would be more common for networks to use the normal
public certificates of known CAs, such as those listed in
/etc/ssl/certs/ or /usr/share/ca-certificates/mozilla/. (For instance
at our institution we're instructed to select Thawte).  By way of
comparison, the Windows WPA client used here lists all the available
CAs as part of the user interface (rather than asking for a file to be
located).

Would you consider having the Choose A CA Certificate File dialog
point to, say, /etc/ssl/certs/, by default rather than the user's home
directory?  This would make it easier for users to see what to look
for, and thereby make it less likely that they'll click on "ignore" in
regards to the CA certificate, only to wonder why no connection is
being made.

Thanks,
Drew

-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.30-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages network-manager depends on:
ii  adduser                3.110             add and remove users and groups
ii  dbus                   1.2.16-2          simple interprocess messaging syst
ii  dhcp3-client           3.1.2p1-1         DHCP client
ii  hal                    0.5.13-3          Hardware Abstraction Layer
ii  ifupdown               0.6.8+nmu1        high level tools to configure netw
ii  libc6                  2.9-25            GNU C Library: Shared libraries
ii  libdbus-1-3            1.2.16-2          simple interprocess messaging syst
ii  libdbus-glib-1-2       0.82-1            simple interprocess messaging syst
ii  libgcrypt11            1.4.4-3           LGPL Crypto library - runtime libr
ii  libglib2.0-0           2.20.4-1          The GLib library of C routines
ii  libgnutls26            2.8.3-2           the GNU TLS library - runtime libr
ii  libgpg-error0          1.6-1             library for common error values an
ii  libhal1                0.5.13-3          Hardware Abstraction Layer - share
ii  libnl1                 1.1-5             library for dealing with netlink s
ii  libnm-glib0            0.7.1-2           network management framework (GLib
ii  libnm-util1            0.7.1-2           network management framework (shar
ii  libpolkit-dbus2        0.9-4             library for accessing PolicyKit vi
ii  libpolkit2             0.9-4             library for accessing PolicyKit
ii  libtasn1-3             2.3-1             Manage ASN.1 structures (runtime)
ii  libudev0               0.141-2           libudev shared library
ii  libuuid1               2.16-3            Universally Unique ID library
ii  lsb-base               3.2-23            Linux Standard Base 3.2 init scrip
ii  wpasupplicant          0.6.9-3           client support for WPA and WPA2 (I
ii  zlib1g                 1:1.2.3.3.dfsg-15 compression library - runtime

Versions of packages network-manager recommends:
ii  dnsmasq-base               2.49-1        A small caching DNS proxy and DHCP
ii  iptables                   1.4.4-2       administration tools for packet fi
ii  network-manager-gnome      0.7.1-1       network management framework (GNOM
ii  policykit                  0.9-4         framework for managing administrat
ii  ppp                        2.4.4rel-10.1 Point-to-Point Protocol (PPP) - da

Versions of packages network-manager suggests:
ii  avahi-autoipd                 0.6.25-1   Avahi IPv4LL network address confi

-- no debconf information





More information about the Pkg-utopia-maintainers mailing list