Dirk Feytons <dirk.feyt...@gmail.com> wrote: > On 9 June 2016 at 13:55, Karl Palsson <ka...@tweak.net.au> > wrote: > > > > This is turning off PSK by default right? I actually use that > > option, and it's a relatively common use with mosquitto, which > > supports PSK for client auth. Could you leave it on by default > > please? PSK, and SRP are badly treated by people who wants certs > > everywhere, but they're perfectly reasonable, if only people > > would remember they exist. > > Yes, PSK would be off by default. My reasoning was that OpenSSL > is most often used for traditional HTTPS with certs and the > default OpenSSL would support that but not (much) more. I know > that Mosquitto requires it (IIRC it also needs > CONFIG_OPENSSL_WITH_DEPRECATED but that's still enabled by > default). I'm working on a patch for Mosquitto to depend on > CONFIG_OPENSSL_WITH_PSK and CONFIG_OPENSSL_WITH_DEPRECATED. > Would that be OK for you or do you still want the default for > PSK to be 'y'?
Can people still do opkg install mosquitto-ssl? If they have to recompile their own image, I think it's a no-go Cheers, Karl P
signature.asc
Description: OpenPGP Digital Signature
_______________________________________________ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
