I would like to request that when changes are made to verification items such as the hash code for certification validation that the Windows operation be taken into consideration. DLLs are a global resource in Windows and are identified by name. Once a DLL is loaded, any other request of that same DLL name is routed to that DLL. Openssl is a great product and it has wide use. On my development system I have different SSLEAY32.DLLs in packages from Apple, Watchguard, Dell, Sony, Stunnel, and TrendMicro. The selection of the DLL that gets loaded happens at start-up time and to the best of my knowledge is a side effect of the services that get loaded and the order that Windows loads them. Thus, the proper hash code name for a certificate in the certificate directory becomes a function of load order. Windows does not have the easy name link facility that most operating systems do which adds to the difficulty. While it would be good to make sure that the most current version of SSLEAY32 is loaded, it is much worse to have a total failure of the verification process if the wrong one is loaded. Version incompatibilities of DLLs (known as DLL in the Windows world) can take some time to identify. If possible, it would be greatly appreciated if such incompatibilities could be avoided except for necessary functional or security reasons.
Carter Carter Browne CBCS cbro...@cbcs-usa.com 781-721-2890 ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
