HardenedBSD/secure
Kyle Evans b25bf676f0 caroot: commit initial bundle
Interested users can blacklist any/all of these with certctl(8), examples:

- mv /usr/share/certs/trusted/... /usr/share/certs/blacklisted/...; \
    certctl rehash
- certctl blacklist /usr/share/certs/trusted/*; \
    certctl rehash

Certs can be easily examined after installation with `certctl list`, and
certctl blacklist will accept the hashed filename as output by list or as
seen in /etc/ssl/certs

No objection from:	secteam
Relnotes:	Definite maybe
2019-10-04 02:34:20 +00:00
..
caroot caroot: commit initial bundle 2019-10-04 02:34:20 +00:00
lib
libexec
tests
usr.bin
usr.sbin
Makefile [1/3] Initial infrastructure for SSL root bundle in base 2019-10-02 01:05:29 +00:00
Makefile.inc