httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ruediger Pluem <>
Subject Re: SSL and Usability and Safety
Date Tue, 02 May 2017 17:32:09 GMT

On 05/02/2017 07:28 PM, Rainer Jung wrote:
> Am 02.05.2017 um 15:19 schrieb Stefan Eissing:

> Since we then have possibly conflicting config settings (your new "intent" config directive
and existing detailed config
> directives) we need to make sure, how merging (conflict resolution) is done (even within
the global server or one vhost):
> a) in order of occurrence in the config files (order of reading)
> b) the most secure settings win
> c) first apply the "intent" directive, then merge the existing detail settings on top
> I guess c) would be the most logical, but probably needs some additional feature in config

c) would be the best, but a) IMHO would be acceptable since overwriting is for the more advanced
users anyway and they
can be told to do stuff in the correct order.



View raw message