cURL / Mailing Lists / curl-library / Single Mail


Re: [PATCH] openssl: allow partial trust chains

From: Daniel Stenberg <>
Date: Mon, 30 Nov 2015 08:15:55 +0100 (CET)

On Thu, 26 Nov 2015, Tim Ruehsen wrote:

> I just don't like this behavior being the default. I have nothing against
> some kind of configuration / option.

But this gives a user greater flexibility to more fine-grained trust. What
sort of problem do you see with this?

We don't normally fear adding options in libcurl, but this is a very
specialized option that very few users would know how to handle. Also, based
on what's said it might also tweak behavior other TLS backends already do on
their own, not to mention that other backends may not be that easy to alter
this behavior for.

List admin:
Received on 2015-11-30