Would it be a good idea to allow disabling these extensions at
runtime (via some option)? That would minimize the impact of security
holes like this, right? Instead of having to recompile "everything"
you would "just" have to set an option (yes, I know, not every
application might have support for settting such options -- in that
case something global like openssl.cnf would help).
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
