curl-library
Re: [PATCH] openssl: allow partial trust chains
Date: Mon, 30 Nov 2015 16:05:01 +0100 (CET)
On Mon, 30 Nov 2015, Tim Ruehsen wrote:
> But if these are not enabled by default, there is only use to "humans that
> understand this topic" and explicitly enable it. Am I right that (lib)curl
> does not enable these by default ?
They are not, and for each and every one of those features we have had this
discussion of how to deal with them and whether we can enable them by default
or not. We want to help users do the right thing at once by providing the
"correct" set of options enabled by default. This is not always an easy
trade-off of course.
In these mentioned cases the options cannot easily be enabled without (by
estimation) triggering a fair amount of failures. Failures that users didn't
get just before an upgrade and would not be that easy to understand or learn
what to do to get things running again. Ideally we can switch some of their
default values at some point in time.
-- / daniel.haxx.se ------------------------------------------------------------------- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.htmlReceived on 2015-11-30