On Tue, Apr 01, 2014 at 12:36:18PM -0400, Daniel Kahn Gillmor wrote: > I think the current best approach to this is the "public suffix list", > http://publicsuffix.org/ it's a horrible kludge (a fully-enumerated list > of all zones that are known to allow registration of sub-zones to the > public), but it's better than just counting labels. > > there are a few C libraries that could be used to make this abstraction > available to OpenSSL (if building against external libraries is OK) > without requiring much extra work in OpenSSL itself.
I, for one, would not want OpenSSL to employ such a complex and fragile mechanism. -- Viktor. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org