On Fri, Jun 27, 2008 at 11:45:45AM -0500, William A. Rowe, Jr. wrote: > BadCA is a weird one, it plugs into an interface in APR to OpenSSL that is > currently mothballed in a sandbox and looking for attention to get it ready > to be reintegrated into trunk. But APR is still on the hook for providing > notice (we already had) even though it lives in a sandbox. So if you > simply > copy APR's style of notice w.r.t. OpenSSL, BadCA should be covered. > GPG will most likely be added to the mix as well given the planned design, but other than that I think that'll be ok. I was looking at the notice for httpd earlier and that one deviates from what BadCA needs because crypto isn't optional here. As for the bit about the crypto living on an obscure branch of apr, that wasn't the case last time BadCA was active - at that point the code was in trunk.
vh Mads Toftum -- http://soulfood.dk --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
