> Hence, if at all, verification requirements must have been lowered in the new OpenSSL version. No, it is also the case that the new version now more correctly accepts some chains as valid that because of bugs, the old version did not.