Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:72106
Return-Path: <pierre.php@gmail.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 11190 invoked from network); 3 Feb 2014 19:39:35 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 3 Feb 2014 19:39:35 -0000
Authentication-Results: pb1.pair.com smtp.mail=pierre.php@gmail.com; spf=pass; sender-id=pass
Authentication-Results: pb1.pair.com header.from=pierre.php@gmail.com; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.216.41 as permitted sender)
X-PHP-List-Original-Sender: pierre.php@gmail.com
X-Host-Fingerprint: 209.85.216.41 mail-qa0-f41.google.com  
Received: from [209.85.216.41] ([209.85.216.41:41430] helo=mail-qa0-f41.google.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id E5/9D-35654-770FFE25 for <internals@lists.php.net>; Mon, 03 Feb 2014 14:39:35 -0500
Received: by mail-qa0-f41.google.com with SMTP id w8so10808202qac.28
        for <internals@lists.php.net>; Mon, 03 Feb 2014 11:39:31 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=mime-version:in-reply-to:references:date:message-id:subject:from:to
         :cc:content-type;
        bh=oVj/0EL3nplA5rxwB6LKmMHQ6lCI+eloPeu1431gADk=;
        b=TEeQfEKxIOq7kASt3gXkekK+v9+cPDHFgArOef4KDRWqhgSSragq+wCuhqsKbnoaKs
         0xA+anYwjW+zuKPpQk2zkIBuKlHBoSvex0cGiimt192GpTy1e0PW9JPfyFhZk7gT8TW9
         pxMRNik+NPNjTrBHQdrksjk+VQzo8FTqphcZEFFZbhzYv1qi7tlkmTjb1j4RbgM2dP2R
         CbYX+d+FDIdcrzlq4aKsaq2FfzrJxiMsHrJiR+DJddT07JIczOooKOcoK6+YKn65MoX7
         6KFkKjbVb5TtWSG/nyyBiSP6MHDT1ieWyQYjaotJQsIj7HLp4/inLuHhRE8abx+S80OR
         KwRg==
MIME-Version: 1.0
X-Received: by 10.224.63.131 with SMTP id b3mr1378916qai.63.1391456371820;
 Mon, 03 Feb 2014 11:39:31 -0800 (PST)
Received: by 10.140.18.129 with HTTP; Mon, 3 Feb 2014 11:39:31 -0800 (PST)
In-Reply-To: <CAH8MpnmOWUh8AKT+J4wtqB1Fh02wAhDbLbPe81sYGakWd5d5Ew@mail.gmail.com>
References: <CAH8Mpn=Kw9CCmpiXm-UE2s=GKFroTGczTr=ENczuAeiTCH6QwQ@mail.gmail.com>
	<CAH8MpnmOWUh8AKT+J4wtqB1Fh02wAhDbLbPe81sYGakWd5d5Ew@mail.gmail.com>
Date: Mon, 3 Feb 2014 20:39:31 +0100
Message-ID: <CAEZPtU6suL3i8L4242rVHrihPJuyU5kEi1eXEZ4yp2gSfKky=g@mail.gmail.com>
To: Daniel Lowrey <rdlowrey@gmail.com>
Cc: "internals@lists.php.net" <internals@lists.php.net>
Content-Type: text/plain; charset=UTF-8
Subject: Re: [PHP-DEV] Re: Windows Peer Verification
From: pierre.php@gmail.com (Pierre Joye)

On Mon, Feb 3, 2014 at 8:27 PM, Daniel Lowrey <rdlowrey@gmail.com> wrote:
> On Mon, Feb 3, 2014 at 7:49 PM, Pierre Joye <pierre.php@gmail.com> wrote:
>
>> I have added the curl ca cert file option
>
> As of the recently merged RFC there now exist both openssl.cafile and
> openssl.capath (for hashed certificate directories). I was unaware of the
> curl php.ini option and perhaps you were unaware of the new openssl ini
> options?
>
> Either way, it might make sense to have a single universal option instead.
> There is still time to change/implement something like this for 5.6.
> Thoughts?

As we discussed on IRC, I think it makes sense to merge the curl CA
file ini setting and use the openssl one. Maybe alias them so we won't
have BC issues (curl is in place since quite some time already).

About bundling the CA file with the windows release (we agreed not to
release them with the src, good this way), we still have time to
evaluate it. We will not bundle it for the next releases, including
first betas. If testers are complaining too much, it will be a sign
that we may have to bundle it. As the support part won't scale well
with all our end users on Windows.

Cheers,
-- 
Pierre

@pierrejoye | http://www.libgd.org