httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jean-frederic clere <jfcl...@gmail.com>
Subject Re: svn commit: r1781575 - in /httpd/httpd/trunk: build/PrintPath modules/ssl/mod_ssl.c modules/ssl/ssl_engine_config.c modules/ssl/ssl_engine_init.c modules/ssl/ssl_engine_ocsp.c modules/ssl/ssl_private.h modules/ssl/ssl_util_ocsp.c
Date Tue, 21 Feb 2017 09:19:30 GMT
On 02/20/2017 05:47 PM, Yann Ylavic wrote:
> On Mon, Feb 20, 2017 at 5:32 PM, Yann Ylavic <ylavic.dev@gmail.com> wrote:
>>
>> First you want it to be Off by default (i.e. verify the OCSP's
>> responder certificate when not configured), right?
>> Couldn't that break existing configurations since we currently (until
>> 2.4.25) do not verify it?
> 
> Oh, we do verify unconditionally currently, that's an opt-out, so
> please ignore this part :)
> 

Many thanks for the reviews.

Yes the idea is the behaviour is unchanged if the user doesn't use the
new directives.

Cheers

Jean-Frederic



Mime
View raw message