[PATCH 3/3] treewide: switch to HTTPS by default

Henrique de Moraes Holschuh henrique at nic.br
Fri Jul 24 12:02:30 EDT 2020

On 24/07/2020 11:29, Petr Štetiar wrote:
> As there is now WolfSSL included by default due to SAE/WPA3 we can
> finally switch to TLS/SSL in other parts as well.

> +	base-files libc libgcc busybox dropbear mtd uci opkg netifd \
> +	fstools uclient-fetch logd urandom-seed urngd libustream-wolfssl \
> +	ca-certificates

Can we fix anything that requires ca-bundle and consider that a bug that 
blocks new packages from being accepted?  Because ca-certificates + 
ca-bundle on the same system is really awful FLASH-wise.

Alternatively, fix anything that requires ca-certificates and keep 
ca-bundle.  The issue is not which one is used (IMHO): as far as I am 
concerned, either one is fine as long as we never need *both* at the 
same time.

Henrique de Moraes Holschuh

More information about the openwrt-devel mailing list