daniel:// stenberg://

1 year ago

daniel:// stenberg://
1 year ago

Maybe #curl should plan to drop support for the non-TLS 1.3 libraries?

curl.se/mail/lib-2024-03/0006.…

Curl: When will we make TLS 1.3 support a mandatory requirement?

^curl.se

#curl

in reply to daniel:// stenberg://

quite possibly an ian

in reply to daniel:// stenberg:// 1 year ago

Apple considers their Secure Transport API as "legacy", being stuck at 1.2 (and not getting 1.3) developer.apple.com/documentat…

Secure Transport | Apple Developer Documentation

Secure network communication using standardized transport layer security mechanisms.

^{Apple Developer Documentation}

in reply to quite possibly an ian

daniel:// stenberg://

in reply to quite possibly an ian 1 year ago

@ecn I am aware. I think my bigger concern is that we have a lot of users using this and I'm not sure all of them have any easy/proper alternatives...

@quite possibly an ian

in reply to daniel:// stenberg://

quite possibly an ian

in reply to daniel:// stenberg:// 1 year ago

yeah :/ TLS Inspector uses it but I'll probably switch it to using OpenSSL instead going forward.

The replacement, Network Framework, is vastly different and mostly asynchronous. Kinda a pain to work with really.

in reply to quite possibly an ian

daniel:// stenberg://

in reply to quite possibly an ian 1 year ago

@ecn Network Framework sounds quirky indeed and I imagine it might take some unpleasant hacks to use that. I can imagine we'll see some efforts in that direction in the future.

@quite possibly an ian

in reply to daniel:// stenberg://

Bálint Szilakszi

in reply to daniel:// stenberg:// 1 year ago

yes please drop those libraries - abandonware is not a good idea for software

in reply to daniel:// stenberg://

mc.fly

in reply to daniel:// stenberg:// 1 year ago

drop all pre TLS 1.3 or drop also non-tls?

Unknown parent

daniel:// stenberg://

Unknown parent 1 year ago

@BradRubenstein we don't break existing functionality so upgrading curl is rarely a technical issue, just some lame problems with users getting stuck on old distros and running old systems.

@Brad Rubenstein “” [OLD ACCOUNT]

Unknown parent

daniel:// stenberg://

Unknown parent 1 year ago

@BradRubenstein we have dropped support for several 3rd party libs in the past. We have changed defaults so that for example SSLv2 and SSLv3 can't be used etc.

@Brad Rubenstein “” [OLD ACCOUNT]

in reply to daniel:// stenberg://

Elias Mårtenson

in reply to daniel:// stenberg:// 1 year ago

I'm using libcurl on Riscos. Would this cause the riscos port to stop working?

in reply to Elias Mårtenson

daniel:// stenberg://

in reply to Elias Mårtenson 1 year ago

@loke are you saying that you only have one of those TLS libraries to select from on Riscos?

@Elias Mårtenson

in reply to daniel:// stenberg://

Elias Mårtenson

in reply to daniel:// stenberg:// 1 year ago

Oh wait, you're right. Libcurl on riscos links with openssl, so that should be fine.

in reply to Elias Mårtenson

daniel:// stenberg://

in reply to Elias Mårtenson 1 year ago

@loke I am also proposing a suitable date far enough in the future to allow adaption time

@Elias Mårtenson

Unknown parent

daniel:// stenberg://

Unknown parent 1 year ago

@BradRubenstein curl currently supports twelve different TLS libraries. This discussion concerns three of them. Which maybe by the time next year might no longer be all three...

@Brad Rubenstein “” [OLD ACCOUNT]

Unknown parent

daniel:// stenberg://

Unknown parent 1 year ago

@BradRubenstein haha, awesome!

@Brad Rubenstein “” [OLD ACCOUNT]

in reply to daniel:// stenberg://

SuperIlu

in reply to daniel:// stenberg:// 1 year ago

well, as an embedded (and MS-DOS) developer I would plead to keep it (mbedTLS does not support it)...

⇧

daniel:// stenberg:// 1 year ago • •

daniel:// stenberg://
1 year ago