[openssl-dev] "SSL_dane_enable() may be called"

Viktor Dukhovni openssl-users at dukhovni.org
Sat Jan 16 19:20:40 UTC 2016


On Sat, Jan 16, 2016 at 04:30:26AM -0800, Claus Assmann wrote:

> SSL_CTX_dane_enable.pod states:
> 
>   SSL_dane_enable() may be called before the SSL handshake is
>   initiated with L<SSL_connect(3)> to enable DANE for that connection.
> 
> "may" seems to be a bit confusing here: if you want "to enable DANE
> for that connection" then you "must" call the function, right?

Correct.  And conversely must not be called, if the intention is
to not enable DANE.  Any suggested improvements of the text.

-- 
	Viktor.


More information about the openssl-dev mailing list