Re: [VOTE] Improved TLS Defaults RFC

From:	Chris Wright	Date:	Wed, 12 Feb 2014 13:56:22 +0000
Subject:	Re: [VOTE] Improved TLS Defaults RFC
References:	1 2 3 4 5 6 7	Groups:	php.internals
Request:	Send a blank email to [email protected] to get a copy of this message

On 12 February 2014 13:19, Daniel Lowrey <[email protected]> wrote:
> Fair enough. Do we see value in exposing an
> OPENSSL_DEFAULT_STREAM_VERIFY_DEPTH constant to userland?

Not really. Applications needing to adjust this are likely to know
specifically what they need for their use case, they won't care what
the default is because they will be overriding it anyway i.e.

  // You wouldn't bother with the check, you'd just set it
  // to the value you require
  if (OPENSSL_DEFAULT_STREAM_VERIFY_DEPTH < 12) {
      stream_context_set_option($ctx, 'verify_depth', 12);
  }


   

Thread (16 messages)

• Daniel LowreyTue, 11 Feb 2014 20:08:05 +0000
  • Stas MalyshevTue, 11 Feb 2014 21:16:29 +0000
    • Daniel LowreyTue, 11 Feb 2014 21:53:03 +0000
      • Stas MalyshevTue, 11 Feb 2014 23:43:00 +0000
        • Daniel LowreyWed, 12 Feb 2014 03:18:34 +0000
          • Stas MalyshevWed, 12 Feb 2014 06:33:49 +0000
            • Daniel LowreyWed, 12 Feb 2014 12:55:37 +0000
      • Pádraic BradyWed, 12 Feb 2014 12:17:55 +0000
        • Daniel LowreyWed, 12 Feb 2014 12:50:52 +0000
          • Chris WrightWed, 12 Feb 2014 13:08:41 +0000
            • Daniel LowreyWed, 12 Feb 2014 13:19:04 +0000
              • Chris WrightWed, 12 Feb 2014 13:56:22 +0000
  • Peter CowburnTue, 11 Feb 2014 21:27:00 +0000
    • Adam HarveyTue, 11 Feb 2014 21:33:29 +0000
    • Daniel LowreyTue, 11 Feb 2014 22:01:43 +0000
• Daniel LowreyThu, 20 Feb 2014 20:04:19 +0000Re: [VOTE] Improved TLS Defaults RFC