Message47643
Logged In: YES
user_id=908
> This patch adds 3 module-level variables to the socket
module, which get exposed iff ssl is built in. These
variables (ssl_ca_file, ssl_ca_path, and ssl_verify_level)
provide programmer-level access to the certificate
authorities database and to control what level of
certificate verification is performed (by default, none, as
is the current behavior).
Are you sure it's a good idea to have this kind of 'global'
control over certification authorities? Global
configurations are handy at first, but they come back and
bite us when we least expect it... |
|
Date |
User |
Action |
Args |
2007-08-23 15:41:34 | admin | link | issue1114345 messages |
2007-08-23 15:41:34 | admin | create | |
|