[erlang-questions] SSL verification

Kenneth Lakin <>
Sun Dec 25 15:20:26 CET 2016


On 12/24/2016 11:14 PM, Technion wrote:
> I was wondering if someone could clarify what I'm looking at. From the new_ssl page:
> 
> http://erlang.org/documentation/doc-5.7.4/lib/ssl-3.10.7/doc/html/new_ssl.html

Are you using OTP R13* (released ~six years ago)? If you are, then
please disregard the rest of this message.

If you're not, then why are you consulting documentation for ssl 3.10.7?
The current version is 8.1.

The current documentation <http://erlang.org/doc/man/ssl.html> states
that path validation is only performed when verify is set to verify_peer.

The purpose of new_ssl is described as follows:

"The new implementation is Erlang based and all logic is in Erlang and
only payload encryption calculations are done in C via the crypto
application."

Given that the current ssl application seems to do everything but some
of the crypto in Erlang, it would seem that new_ssl became the default
long ago. Additionally, I can't find any files whose name containins the
substring "new_ssl" in the current Erlang source tree.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20161225/39b8b7bc/attachment.bin>


More information about the erlang-questions mailing list