On Fri, Feb 13, 2015 at 11:59:13AM +0000, Salz, Rich wrote:
> > Some time ago, I had submitted a patch which allows administrators, but
> > most importantly OS distributors to set their own strings in the
> > configuration
> > file, which software can then rely on, to provide a consistent security
> > level:
> > https://github.com/openssl/openssl/pull/192
>
> And my intent is to pull this into master pretty soon.
And applications would need to opt-in to having this new profile
apply, or more usefully need to be able to choose which
application-specific file contains the desired profile. there's
no such thing as a universal profile that works for all software.
We may not need a patch for this, I thought we were about to deprecate
OpenSSL_config() with its void return status and encourage folks
to use the NCONF API, which should be able to handle this, or be close
in any case.
--
Viktor.
_______________________________________________
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
