On Fri, Feb 13, 2015 at 11:59:13AM +0000, Salz, Rich wrote: > > Some time ago, I had submitted a patch which allows administrators, but > > most importantly OS distributors to set their own strings in the > > configuration > > file, which software can then rely on, to provide a consistent security > > level: > > https://github.com/openssl/openssl/pull/192 > > And my intent is to pull this into master pretty soon.
And applications would need to opt-in to having this new profile apply, or more usefully need to be able to choose which application-specific file contains the desired profile. there's no such thing as a universal profile that works for all software. We may not need a patch for this, I thought we were about to deprecate OpenSSL_config() with its void return status and encourage folks to use the NCONF API, which should be able to handle this, or be close in any case. -- Viktor. _______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev