Hi Graham,

2017-05-03 14:09 GMT+02:00 Graham Leggett <minf...@sharp.fm>:

> On 03 May 2017, at 2:01 PM, Stefan Eissing <stefan.eiss...@greenbytes.de>
> wrote:
> > We seem to all agree that a definition in code alone will not be good
> enough. People need to be able to see what is actually in effect.
> I think we’re overthinking this.
> We only need to document the settings that SSLSecurityLevel has clearly in
> our docs, and make sure that "httpd -L” prints out the exact details so no
> user need ever get confused.

I think that in this case documentation is not enough since it tends to
quickly fall behind dev commits, plus it would be great for a user to know
in a programatic way what are the runtime settings used for SSL (or just to
allow admin to manually check/review them).

> > If we let users define their own classes, it could look like this:
> Immediately we’ve jumped into functionality that is beyond Mr/Mrs Normal

True, even if the idea looks great I'd focus only on Mr/Mrs Normal for the
moment :)


Reply via email to