On 13 Sep 2004, at 15:41, Troy Rollins wrote:
I can say with absolutely no authority whatsoever that using "open secure socket ... without verification" has no effect outside of Rev. :)
On Sep 13, 2004, at 6:52 AM, Dave Cragg wrote:
However, it shouldn't be too hard to add something to libUrl which allows you to use "without verification". perhaps a "switch command" such as libUrlSetSSLVerification <true|false> with the default being true.
We are talking about shutting it off for the purposes of that one session with just the requests made by the Rev-based application, right?
While I think that SSL which always requires a certificate is not very useful, I also think it would be bad to so easily compromise the end-user's computer if the above is not the case. If it only shuts it off for the Rev app, and only for the current session, that would be a pretty decent and workable solution.
I'm no SSL expert, and am only transplanting the new secure socket syntax into libUrl. So your question serves as a good note of caution, and I'll get confirmation from the Rev SSL man (Tuviah) before adding this.
Cheers Dave
_______________________________________________ use-revolution mailing list [EMAIL PROTECTED] http://lists.runrev.com/mailman/listinfo/use-revolution
