Quick one here. I just realized, or made the decision, whatever. That I probably shouldn't try to insert the DANE check into the OpenSSL certificate checking path.
Instead what I'll do is I will add a separate file that has the DANE stuff and make it up to the application developer to run the DANE check as well, after the SSL handshake has happened.
That sure as hell made things neater. :)
No comments:
Post a Comment