On Sat, Jan 16, 2016, Viktor Dukhovni wrote: > On Sat, Jan 16, 2016 at 04:30:26AM -0800, Claus Assmann wrote:
> > SSL_dane_enable() may be called before the SSL handshake is > > initiated with L<SSL_connect(3)> to enable DANE for that connection. > > "may" seems to be a bit confusing here: if you want "to enable DANE > > for that connection" then you "must" call the function, right? > Correct. And conversely must not be called, if the intention is > to not enable DANE. Any suggested improvements of the text. - simply replace "may" with "must"? SSL_dane_enable() must be called before the SSL handshake is initiated with L<SSL_connect(3)> to enable DANE for that connection. - this might be better: To enable DANE for a connection SSL_dane_enable() must be called before the SSL handshake is initiated with L<SSL_connect(3)>. - or very explicit: SSL_dane_enable() must be called before the SSL handshake is initiated with L<SSL_connect(3)> if (and only if) you want to enable DANE for that connection. _______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev