On Tue, Apr 01, 2014 at 12:36:18PM -0400, Daniel Kahn Gillmor wrote:
> I think the current best approach to this is the "public suffix list",
> http://publicsuffix.org/ it's a horrible kludge (a fully-enumerated list
> of all zones that are known to allow registration of sub-zones to the
> public), but it's better than just counting labels.
>
> there are a few C libraries that could be used to make this abstraction
> available to OpenSSL (if building against external libraries is OK)
> without requiring much extra work in OpenSSL itself.
I, for one, would not want OpenSSL to employ such a complex and fragile
mechanism.
--
Viktor.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majord...@openssl.org
