Typo "addresa" -> "address" numeric address, an IPv6 numeric addresa (in square brackets).
If cipher is for NTP, I think you should rename it to ntpcipher (or ntpciphers). Or just drop it, since you're almost certainly only going to implement AES-SIV-CMAC for first ship. (And possibly that'll be the only NTP cipher implemented any time soon.) If "cipher" is for TLS: Rename cipher to ciphers (plural) and add a second one named ciphersuites. You'll need two for testing anyway, as OpenSSL takes TLS 1.2 and 1.3 cipher specifications separately. Then those are just done for the final scenario. Note that a single cipher name is a valid cipher list, which would force that particular cipher. So "ciphers" (plural) is usable exactly identically to how you have spec'ed cipher for testing, but is also useful in production. The documentation should be something like: +ciphers+ _string_:: An OpenSSL cipher list to configure the allowed ciphers for TLS versions up to and including TLS 1.2. +ciphersuites+ _string_:: An OpenSSL ciphersuite list to configure the allowed ciphersuites for TLS 1.3. -- Richard _______________________________________________ devel mailing list [email protected] http://lists.ntpsec.org/mailman/listinfo/devel
