Do we really want to have the legacy provider as opt-in only?
levitte at openssl.org
Mon Jul 15 14:25:23 UTC 2019
On Mon, 15 Jul 2019 16:15:01 +0200,
Tomas Mraz wrote:
> So saying this is "just recompliation and configuration change" is
> at least somewhat oversimplified.
> But I am OK with that. I'm just saying it should be better advertised
> and that internally openssl should not use the "load legacy provider by
> having it in default config file" to actively encourage the "load
> legacy provider only if you *really* need it" behavior.
I'm a little confused. "configuration changes" is about "having it in
the config file", so I don't quite understand "oversimplified".
Regardless of where this discussion gets us, it has always been the
aim that this will be configurable with the config file.
Richard Levitte levitte at openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
More information about the openssl-project