Comment 11 for bug 1917625

> to change the security level. Here Ubuntu deviates from standard OpenSSL 1.1.1 policies. So I ask again: Should we detect and special case the deviation and document it?

I am reluctant to say yes here. But also want to ask how would you detect that it's an Ubuntu, or ubuntu derived openssl. I don't think we export anything in openssl APIs to be definitive about it.