OndÅej Surý dixit: >Your initial bug report was inappropriate.
No, it was not. >It is _absolutely_ job of the security library to set the system-wide >security policies. It is absolutely *not* the job of the SSL *library* to *incompatibly* change the behaviour of *all* applications depending on it, even those that don’t have as high security requirements as javascript-HTTP combo, especially when those *other* programs don’t even expose the knobs to change the settings but the high security requirement ones *do*. >The Radius server in question needs to be fixed, not the OpenSSL options. Did you even understand a single thing I wrote? That particular RADIUS server might eventually be fixed, but one at a customer’s site would have caused massive issues. So go back and read my initial mail. Now.