In message <[EMAIL PROTECTED]> on Wed, 11 Dec 2002
08:56:19 +0000, Bertie <[EMAIL PROTECTED]> said:
bertie> Yep, this solution works if you are an application developer
bertie> wanting to use chil engine. This is not much help if you are
bertie> say an Apache user who wanted to use an nCipher HSM to protect
bertie> their Apache keys - They will get your error message but won't
bertie> be able to fix the problem, they will phone nCipher support
bertie> and we'll end up giving them a patch to apply.
And I assume application author will be notified (for what we
discussed, that would be the Apache team and Ralf (author of mod_ssl),
right?), or are you skipping that kind of step?
We could ask Ralf to take a peek at that as soon as possible and make
sure dynamic lock callbacks are provided. He *is* part of the OpenSSL
dev team, after all...
We still have the problem with older versions of the applications, but
I presume that if the users can upgrade OpenSSL, they can also upgrade
other parts of the system... Is that too tough a presumption?
--
Richard Levitte \ Spannv�gen 38, II \ [EMAIL PROTECTED]
Redakteur@Stacken \ S-168 35 BROMMA \ T: +46-8-26 52 47
\ SWEDEN \ or +46-708-26 53 44
Procurator Odiosus Ex Infernis -- [EMAIL PROTECTED]
Member of the OpenSSL development team: http://www.openssl.org/
Unsolicited commercial email is subject to an archival fee of $400.
See <http://www.stacken.kth.se/~levitte/mail/> for more info.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
