On 31-10-17 17:47, Matt Caswell wrote: > > > On 31/10/17 16:42, Wouter Verhelst wrote: >> On 31-10-17 17:26, Matt Caswell wrote: >>> I agree its not a great name for it. Unfortunately we are stuck with it >>> for compatibility reasons. If we renamed it we would break any code that >>> is currently using it. We could introduce a new flag with a different >>> name which does the same thing - but I'm not sure that does anything to >>> make things less confusing. >> >> You could always keep the old name around and mark it deprecated. GCC >> even has a pragma for that -- __attribute__((deprecated)) -- although I >> doubt it works on macros (haven't tested that). >> >> I suppose it might be too much of an effort for too little gain, though. >> > > As a matter of policy we won't deprecate anything more until we do a > 1.2.0 release. That's a sensible policy, thanks. > If someone wants to create a PR for a new name for this (defining the > old one to point at the new one), then I'd review it. But if we're going > to go to that effort then we should write the documentation as part of > the PR (there seems little sense to me in replacing an undocumented name > which you have to read the source to understand with another > undocumented name that you also have to read the source to understand). As I ran into this when reviewing how to do OCSP, but ended up not needing it (I need normal path validation within a limited set of root certificates), I might look into doing that if/when I find the time for it some time soon. Thanks, -- Wouter Verhelst -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
