[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Chicken-users] OpenSSL egg option defaults poll
|
From: |
Andy Bennett |
|
Subject: |
Re: [Chicken-users] OpenSSL egg option defaults poll |
|
Date: |
Thu, 16 Oct 2014 14:07:56 +0100 |
|
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Icedove/24.8.1 |
Hi,
> Despite many valid reasons for keeping the old ones activated, I'd like
> to see the old Versions dropped from the default setting. The longer
> people keep them around the longer they will stay.
Without my "running an actual webserver hat" on, I think I agree. Having
said that, even with my "running an actual webserver hat" on, I suspect
most of the problems will be on the http-client side.
> Also I'd explicitly
> turn *on* certificate verification, as painful as this may be. If the
> ssl egg silently accepts invalid certificates it creates a false sense
> of security to the user. If someone needs all these features they know
> that and will turn them back on.
I definitely agree with this and certainly in this case, most of the
problems will occur on the http-client side rather than the spiffy side.
Regards,
@ndy
--
address@hidden
http://www.ashurst.eu.org/
0x7EBA75FF
- [Chicken-users] OpenSSL egg option defaults poll, Thomas Chust, 2014/10/15
- Re: [Chicken-users] OpenSSL egg option defaults poll, Andy Bennett, 2014/10/15
- Re: [Chicken-users] OpenSSL egg option defaults poll, Sascha Ziemann, 2014/10/16
- Re: [Chicken-users] OpenSSL egg option defaults poll, Christian Kellermann, 2014/10/16
- Re: [Chicken-users] OpenSSL egg option defaults poll, Florian Zumbiehl, 2014/10/16
- Re: [Chicken-users] OpenSSL egg option defaults poll, Thomas Chust, 2014/10/26