On 10-12-12 08:36, Nick Mathewson wrote:
> On Sat, Dec 8, 2012 at 6:03 AM, Patrick Pelletier
> wrote:
>
>> However, it's not clear to me how to work the validation function
>> (validate_hostname) into evhttp's control flow. It seems that I would need
>> to call validate_hostname after the TLS h
Oscar Koeroo wrote:
The SSL_CTX_set_verify and SSL_CTX_set_verify_callback are used to validate
the certificate (chain) itself. Useful when OpenSSL triggers a
false-negative on a certificate chain, you have your own extensions build-in
the certificate (think: Microsoft PKI in their deployments or
