Hi internals!
I've made another minor addition to the Improved TLS Defaults RFC for those
interested ...
Userland can now access information about the negotiated protocol/cipher
for a given stream via the context:
https://wiki.php.net/rfc/improved-tls-defaults#expose_negotiated_values
Hey Daniel,
Hi internals!
I've made another minor addition to the Improved TLS Defaults RFC for those
interested ...Userland can now access information about the negotiated protocol/cipher
for a given stream via the context:https://wiki.php.net/rfc/improved-tls-defaults#expose_negotiated_values
I think that's a really good addition from the perspective of figuring out
what's going on for any given server.
--
Pádraic Brady
http://blog.astrumfutura.com
http://www.survivethedeepend.com
Zend Framework Community Review Team
Zend Framework PHP-FIG Representative
Hi Daniel,
On Mon, Feb 3, 2014 at 4:38 AM, Pádraic Brady padraic.brady@gmail.comwrote:
Hey Daniel,
Hi internals!
I've made another minor addition to the Improved TLS Defaults RFC for
those
interested ...Userland can now access information about the negotiated protocol/cipher
for a given stream via the context:https://wiki.php.net/rfc/improved-tls-defaults#expose_negotiated_values
I think that's a really good addition from the perspective of figuring out
what's going on for any given server.
I think it's great, too.
Regards,
--
Yasuo Ohgaki
yohgaki@ohgaki.net
I forgot to mention it, but I've also added another function to the
Improved TLS Defaults RFC:
openssl_get_cert_locations()
This should make it easier to debug CA file issues by coalescing all the
locations where PHP might look for a CA cert in one place. The new function
allows easier debugging as well as tooling to check if existing php.ini
settings or OS-assigned defaults can locate CA files are appropriate to
allow secure peer verification.
The update can be seen here:
https://wiki.php.net/rfc/improved-tls-defaults#expose_default_cert_paths