I just pushed 2 tweaks. One is to update the nts cert documentation to say that it doesn't do any checking on the certificate.
The other is a hack patch to aes_siv.c to supress deprecated warnings from OpenSSL 3. Is anybody (else) using OpenSSL 3? It's trivial on FreeBSD. Just install openssl-devel-3.0.2 (3.0.3 will be out soon) For others, HOWTO-OpenSSL should be enough. If not, please fix it, or tell me where you got it trouble or ... ---------- I think I understand the wildcard tangle. They are generally considered OK. My plan is to fixup the code so that the default is to accept wildcards but it's easy to turn them off. Details TBD. Can anybody think of any other optional features that would make things slightly more secure? We should start collecting ideas in this area. -- These are my opinions. I hate spam. _______________________________________________ devel mailing list devel@ntpsec.org https://lists.ntpsec.org/mailman/listinfo/devel