> "Provided chain ends with unknown self-signed certificate".

I like this. 

IMHO "unrecognized" would be more confusing.

I hope the team makes up their mind quickly.

On 12/4/18, 6:17 PM, "openssl-users on behalf of Michael Wojcik" 
<openssl-users-boun...@openssl.org on behalf of michael.woj...@microfocus.com> 
wrote:

    > From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf
    > Of Jakob Bohm via openssl-users
    > Sent: Tuesday, December 04, 2018 08:15
    > > Care to create a PR against the "master" branch?  Something
    > > along the lines of:
    > >
    > >      "Provided chain ends with untrusted self-signed certificate"
    > >
    > > or better.  Here "untrusted" might mean not trusted for the requested
    > > purpose, but more precise is not always more clear.
    > >
    > Perhaps s/untrusted/unknown/ as in
    >
    > "Provided chain ends with unknown self-signed certificate".
    
    Yes, that might be better. Or maybe "unrecognized". Of course there's scope 
for someone to misinterpret regardless of which term is used. I can suggest 
various alternatives in the PR and let the team decide.
    
    > Or even better, two different error codes:
    >
    >   - "Only self-signed end certificate provided"
    >
    >   - "Provided chain ends with unknown root certificate"
    >
    > (Deciding which one keeps the old error code is left as
    >   an exercise).
    
    I can raise that as a possibility too, in the PR. Obviously it's a bit more 
work than simply changing the existing text.
    
    --
    Michael Wojcik
    Distinguished Engineer, Micro Focus
    
    
    
    -- 
    openssl-users mailing list
    To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
    

Attachment: smime.p7s
Description: S/MIME cryptographic signature

-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Reply via email to