Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:72520
Return-Path: <are.you.winning@gmail.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 33683 invoked from network); 12 Feb 2014 13:56:26 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 12 Feb 2014 13:56:26 -0000
Authentication-Results: pb1.pair.com smtp.mail=are.you.winning@gmail.com; spf=pass; sender-id=pass
Authentication-Results: pb1.pair.com header.from=are.you.winning@gmail.com; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.216.41 as permitted sender)
X-PHP-List-Original-Sender: are.you.winning@gmail.com
X-Host-Fingerprint: 209.85.216.41 mail-qa0-f41.google.com  
Received: from [209.85.216.41] ([209.85.216.41:37327] helo=mail-qa0-f41.google.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id 67/F2-19387-98D7BF25 for <internals@lists.php.net>; Wed, 12 Feb 2014 08:56:25 -0500
Received: by mail-qa0-f41.google.com with SMTP id w8so13950483qac.14
        for <internals@lists.php.net>; Wed, 12 Feb 2014 05:56:23 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=mime-version:sender:in-reply-to:references:date:message-id:subject
         :from:to:cc:content-type;
        bh=IAioboe+i0gNSGjqz1vkioREj2F9md1Jam98enMUyCg=;
        b=TGD0yP8KjDik4xxl1aJbJ3A8892K+BuVIhqsS/FS7opg+oTa4qlic8HSFytTMQWf37
         hiK+pqt4jP0tRYqy7fcjUbUopfMuveas6NY/OaEyW6X6csedqAQmMHoRBCvRLbcr4SPj
         6TkOflk2rQYLpnfWtN3lkqnnx4+mDzd4aZkO1t8Lmbk2RsDx2e6JwXFgrf5z+Bbb438h
         tD7Ks1J+9T7g7HjmxQ/boFpIch8qhzR6INi+4n9vKYhJs0nRlYObW0O5epi8cENQfMJY
         +tJ7sMiq5jNwcyYWSk0yF0Fu5oaxnC0nA+d+bo3fbnC/87TcupFDMvUMml6U21JHcJLM
         d23A==
MIME-Version: 1.0
X-Received: by 10.229.171.8 with SMTP id f8mr50506594qcz.13.1392213382968;
 Wed, 12 Feb 2014 05:56:22 -0800 (PST)
Sender: are.you.winning@gmail.com
Received: by 10.229.240.193 with HTTP; Wed, 12 Feb 2014 05:56:22 -0800 (PST)
In-Reply-To: <CAH8MpnknU7G_iUERUYtvMeqXNA1XJPF5Edkj+WNFOUmESy=_eQ@mail.gmail.com>
References: <CAH8Mpn=dhpKEM_fU=zq0JRx9G0mrD_E6duAu=Sz-6++Qt-TO_g@mail.gmail.com>
	<52FA932D.5050504@sugarcrm.com>
	<CAH8MpnnC6-gR5REPciKM4nXkXtquP3q5Z00d+WkA+Kz5vak4ZA@mail.gmail.com>
	<CALwr1GnO+j2zDk+ykgF4E5O=quSOUPiZCcBbpmaqbH34j6xU0g@mail.gmail.com>
	<CAH8MpnmorTAjYoPG_ApCYSV0QYJiDu79Hx7O9i76XYomO6_hGg@mail.gmail.com>
	<CAGAGxbZw2xRM2K1KWA_q1WGJ7qS0Wsd-JjU9M7G1M6A213gzsg@mail.gmail.com>
	<CAH8MpnknU7G_iUERUYtvMeqXNA1XJPF5Edkj+WNFOUmESy=_eQ@mail.gmail.com>
Date: Wed, 12 Feb 2014 13:56:22 +0000
X-Google-Sender-Auth: _TMPku-rX0NmXNZNHFAlW6q9qSo
Message-ID: <CAGAGxbZPnQAJgTJHbR=eS=z7JDAo2S7sFYjnGxwcC5FtB2cDLw@mail.gmail.com>
To: Daniel Lowrey <rdlowrey@gmail.com>
Cc: Chris Wright <daverandom@php.net>, "internals@lists.php.net" <internals@lists.php.net>
Content-Type: text/plain; charset=ISO-8859-1
Subject: Re: [PHP-DEV] [VOTE] Improved TLS Defaults RFC
From: daverandom@php.net (Chris Wright)

On 12 February 2014 13:19, Daniel Lowrey <rdlowrey@gmail.com> wrote:
> Fair enough. Do we see value in exposing an
> OPENSSL_DEFAULT_STREAM_VERIFY_DEPTH constant to userland?

Not really. Applications needing to adjust this are likely to know
specifically what they need for their use case, they won't care what
the default is because they will be overriding it anyway i.e.

  // You wouldn't bother with the check, you'd just set it
  // to the value you require
  if (OPENSSL_DEFAULT_STREAM_VERIFY_DEPTH < 12) {
      stream_context_set_option($ctx, 'verify_depth', 12);
  }