David Reid wrote:
William A. Rowe, Jr. wrote:
Mads Toftum wrote:
GPG will most likely be added to the mix as well given the planned
design, but other than that I think that'll be ok. I was looking at the
notice for httpd earlier and that one deviates from what BadCA needs
because crypto isn't optional here.
Yes - it is a little different, and if we bind later to some libgpg we
can address it then.
There are plans to bind to some gpg libs.
As for the bit about the crypto living on an obscure branch of apr, that
wasn't the case last time BadCA was active - at that point the code was
in trunk.
Right, I was just making the observation that apr is still on the hook
even though it isn't a shipping product, and for BadCA I hope we do finally
round out the API to satisfy the objections from [EMAIL PROTECTED] (and ship a
1.4.0
officially that BadCA can consume).
Erm, well, badca hasn't ever been related to APR, so I was a little
confused by the initial assertion. I'll have a look and get a notice
added, though I'm not 100% sure where it needs to go.
To clarify - badca isn't planned, nor has it ever been planned, to be a
consumer of apr.
But BadCA is a consumer of OpenSSL, right? So the notice needed with
respect to labs would be something along the lines of the 'Product'
section like here:
https://issues.apache.org/jira/secure/attachment/12384406/labs_crypto2.patch
Should be straightforward.
Bernd
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
