Richard Levitte - VMS Whacker wrote: > [NOTE: whatever I write below is *my* opinion. Period] > > In message <[EMAIL PROTECTED]> on Sun, 18 Aug 2002 21:32:43 -0400, >Tom Zerucha <[EMAIL PROTECTED]> said: > > tz> I don't know what the historic reasons for doing things a particular > tz> way, but I would suggest the following (in order of importance): > tz> > tz> 1. Install the certs by default, > > I'm amazed by this statement. Are you seriously willing to give us > that kind of trust, rather than installing whatever root certs you > need yourself? [ .. ]
There is a nice discussion of certs you get by default on the securityfocus webappsec list especially this from Kurt Siefried: http://online.securityfocus.com/archive/107/286896/2002-08-09/2002-08-15/0 Matt ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
