On Wed, Mar 11, 2020 at 11:31:51AM -0400, Viktor Dukhovni wrote:

> I think the server could be OpenSSL, because why I made sure that

s/why/while/.

> self-signed CA signatures are not subjected to security levels in
> x509_vfy.c, the same exclusion does not appear to be present in:
> 
>     int ssl_security_cert(SSL *s, SSL_CTX *ctx, X509 *x, int vfy, int is_ee)
> [...]

-- 
    Viktor.

Reply via email to