I find right as it is now:
Reason:
Depth = 0 -> disabled
Depth = 1 -> father <-> son
Depth = 2 -> son <-> father <-> son
is like in akin degrees... two brothers are second degree akins
because they share a common ancestor aunt and niece are third degree
and so on...
"Ralf S. Engelschall" wrote:
>
> In article <> you wrote:
>
> >[...]
> > And the depth check is done via
> > | if (depth >= SSLVerifyDepth) error...
> >[...]
> > My opinion is that the depth counting is ok startinbg from 0 and intuitive.
> > But the check should be
> > | if (depth > SSLVerifyDepth) error...
> >[...]
> > Votes for the ">=" to ">" change and to document the depth calculation this
> > way?
>
> Still no votes from the hacker community?
>
> Seems like no one uses SSLVerifyDepth... ;-)
>
> Please say "this is a bad change, because..." now or
> I'll change it this way for 2.1b9/2.1.0.
>
> Ralf S. Engelschall
> [EMAIL PROTECTED]
> www.engelschall.com
> ______________________________________________________________________
> Apache Interface to SSLeay (mod_ssl) www.engelschall.com/sw/mod_ssl/
> Official Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
S/MIME Cryptographic Signature
