On Mon, May 19, 2014 at 10:43:22AM +0200, Remi Gacogne wrote:
>
> > Ah yes, you're right. But anyway the purpose was to explain the principle.
> > Do you want to update your patch and resubmit then ?
>
> Yes, of course, thank you. What do you think about Lukas idea to change
> the name of the setting, in order to clarify the fact that it only
> applies as a fallback when there is no DH parameters in the certificate
> file?
I think it's a good idea, it could avoid some confusion in the future.
Maybe we don't need the "max" word in it ? Thus it could be :
tune.ssl.dh-param-fallback
Or maybe "default" instead of "fallback" since we're using this terminology
in the rest of the product ? What about "default-dh-param" ?
Willy
