------T2ZYOD5TB1MBLBD83A4FHEWTKCDRY6
Content-Type: text/plain;
charset=utf-8
Content-Transfer-Encoding: quoted-printable
The other option is that we ship a trust store with trust settings. Someone is making it more useful upstream at
https://github.com/openssl/openssl/pull/27965
That would be an OpenSSL only solution. We could ship them in a separate directory, and have OpenSSL default to that.
Shipping it in a separate directory per type would require that all software using smime sets the path correctly. Shipping the trust settings with the certificate requires the software to say for what purpose they are using it, which most probably don't.
Maybe we should try to do both.
Kurt
------T2ZYOD5TB1MBLBD83A4FHEWTKCDRY6
Content-Type: text/html;
charset=utf-8
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE html><html><body><div dir="auto">The other option is that we ship a trust store with trust settings. Someone is making it more useful upstream at <a href="
https://github.com/openssl/openssl/pull/27965">https://github.com/openssl/openssl/pull/
27965</a><br><br>That would be an OpenSSL only solution. We could ship them in a separate directory, and have OpenSSL default to that. <br><br>Shipping it in a separate directory per type would require that all software using smime sets the path
correctly. Shipping the trust settings with the certificate requires the software to say for what purpose they are using it, which most probably don't. <br><br>Maybe we should try to do both. <br><br>Kurt<br><br></div></body></html>
------T2ZYOD5TB1MBLBD83A4FHEWTKCDRY6--
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)