kdelibs

Bug #334191
Comment #65

Comment 65 for bug 334191

Revision history for this message

In KDE Bug Tracking System #162485, rdratlos (rdratlos) wrote on 2010-01-29:

#65

(In reply to comment #61)

I agree to Andreas. But we need a clear documented proceeding in order to avoid that we have the same mess again because of people reopening this bug.

> This report is a kitchen sink of still valid and fixed bugs.
> I would like to close it but somebody would surely reopen it because some of
> the bugs here are still present. I know. Instead I'll disregard the bug for now
> and close it later when the most important issues have been fixed. But this
> report is *not* useful.
>
> For most of the issues there is a separate bug report already, feel free to
> open new, *specific* ones for remaining issues without a bug number of their
> own. If a bug that is not a crash can't be described in terms of "I expected A
> to happen but B happened instead" it is usually not specific enough.
> The SSL certificates user interface was removed because it didn't work - that
> does not mean that I like it that way.

We need somebody who makes a list of all sperate bugs on KDE 4.3 with regard to SSL. If we add this list as comment to this bug, people hopefully take care before opening a new one. In addition, some guidance would be helpful, because people usually experience the problem in on eof KDE's applications. But SSL related problems usually come from the underlying KIO framework. Especially in Ubuntu it's so easy to provide a comprehensive debug output using kdebugdialog, which also includes the KIO slaves.

>
> About having a separate certificate bundle in KDE, this decision was made
> before I took over maintenance of that code and I don't think it is a good idea
> anymore. I will consult with a few fellow developers to see if we can change
> that.

A similar discussion took also place in the Ubuntu bug tracking system. From there it seems that there are two strategies. The one is to have a distribution central certificate management (especially for root certificates) which can be used by all applications. The other one is to have KDE as basic application framework to provide an own certification management for all KDE based applications. As KIO still requires client certificates the work-around proposed here does not solve the problem completely. It's a good idea to discuss that with development people and include the outcome of the discussion here as a comment.

After that it's really the best to mark set up the missing bugs/wishes and close this bug as duplicate. I see good chances that in this way we clean-up the mess here.

(In reply to comment #61)

I agree to Andreas. But we need a clear documented proceeding in order to avoid that we have the same mess again because of people reopening this bug.

> This report is a kitchen sink of still valid and fixed bugs.
> I would like to close it but somebody would surely reopen it because some of
> the bugs here are still present. I know. Instead I'll disregard the bug for now
> and close it later when the most important issues have been fixed. But this
> report is *not* useful.
> 
> For most of the issues there is a separate bug report already, feel free to
> open new, *specific* ones for remaining issues without a bug number of their
> own. If a bug that is not a crash can't be described in terms of "I expected A
> to happen but B happened instead" it is usually not specific enough.
> The SSL certificates user interface was removed because it didn't work - that
> does not mean that I like it that way.

> 
> About having a separate certificate bundle in KDE, this decision was made
> before I took over maintenance of that code and I don't think it is a good idea
> anymore. I will consult with a few fellow developers to see if we can change
> that.

After that it's really the best to mark set up the missing bugs/wishes and close this bug as duplicate. I see good chances that in this way we clean-up the mess here.