> Am 03.05.2017 um 14:20 schrieb Luca Toscano <toscano.l...@gmail.com>: > > Hi Graham, > > 2017-05-03 14:09 GMT+02:00 Graham Leggett <minf...@sharp.fm>: > On 03 May 2017, at 2:01 PM, Stefan Eissing <stefan.eiss...@greenbytes.de> > wrote: > > > We seem to all agree that a definition in code alone will not be good > > enough. People need to be able to see what is actually in effect. > > I think we’re overthinking this. > > We only need to document the settings that SSLSecurityLevel has clearly in > our docs, and make sure that "httpd -L” prints out the exact details so no > user need ever get confused.
+1 Having the definitions listed via command line is good enough for me. > > I think that in this case documentation is not enough since it tends to > quickly fall behind dev commits, plus it would be great for a user to know in > a programatic way what are the runtime settings used for SSL (or just to > allow admin to manually check/review them). > > > > If we let users define their own classes, it could look like this: > > Immediately we’ve jumped into functionality that is beyond Mr/Mrs Normal > > True, even if the idea looks great I'd focus only on Mr/Mrs Normal for the > moment :) Agreed.