daniel:// stenberg://

8 months ago • •

daniel:// stenberg://
8 months ago • •

Maybe #curl should plan to drop support for the non-TLS 1.3 libraries?

curl.se/mail/lib-2024-03/0006.…

Curl: When will we make TLS 1.3 support a mandatory requirement?

^curl.se

#curl

in reply to daniel:// stenberg://

local area ian

in reply to daniel:// stenberg:// • 8 months ago • •

Apple considers their Secure Transport API as "legacy", being stuck at 1.2 (and not getting 1.3) developer.apple.com/documentat…

Secure Transport | Apple Developer Documentation

Secure network communication using standardized transport layer security mechanisms.

^{Apple Developer Documentation}

in reply to local area ian

daniel:// stenberg://

in reply to local area ian • 8 months ago • •

@ecn I am aware. I think my bigger concern is that we have a lot of users using this and I'm not sure all of them have any easy/proper alternatives...

@local area ian

in reply to daniel:// stenberg://

local area ian

in reply to daniel:// stenberg:// • 8 months ago • •

yeah :/ TLS Inspector uses it but I'll probably switch it to using OpenSSL instead going forward.

The replacement, Network Framework, is vastly different and mostly asynchronous. Kinda a pain to work with really.

in reply to local area ian

daniel:// stenberg://

in reply to local area ian • 8 months ago • •

@ecn Network Framework sounds quirky indeed and I imagine it might take some unpleasant hacks to use that. I can imagine we'll see some efforts in that direction in the future.

@local area ian

in reply to daniel:// stenberg://

Bálint Szilakszi

in reply to daniel:// stenberg:// • 8 months ago • •

yes please drop those libraries - abandonware is not a good idea for software

in reply to daniel:// stenberg://

mc.fly

in reply to daniel:// stenberg:// • 8 months ago • •

drop all pre TLS 1.3 or drop also non-tls?

Unknown parent

daniel:// stenberg://

Unknown parent • 8 months ago • •

@BradRubenstein we don't break existing functionality so upgrading curl is rarely a technical issue, just some lame problems with users getting stuck on old distros and running old systems.

@Brad Rubenstein “”

Unknown parent

daniel:// stenberg://

Unknown parent • 8 months ago • •

@BradRubenstein we have dropped support for several 3rd party libs in the past. We have changed defaults so that for example SSLv2 and SSLv3 can't be used etc.

@Brad Rubenstein “”

in reply to daniel:// stenberg://

Elias Mårtenson

in reply to daniel:// stenberg:// • 8 months ago • •

I'm using libcurl on Riscos. Would this cause the riscos port to stop working?

in reply to Elias Mårtenson

daniel:// stenberg://

in reply to Elias Mårtenson • 8 months ago • •

@loke are you saying that you only have one of those TLS libraries to select from on Riscos?

@Elias Mårtenson

in reply to daniel:// stenberg://

Elias Mårtenson

in reply to daniel:// stenberg:// • 8 months ago • •

Oh wait, you're right. Libcurl on riscos links with openssl, so that should be fine.

in reply to Elias Mårtenson

daniel:// stenberg://

in reply to Elias Mårtenson • 8 months ago • •

@loke I am also proposing a suitable date far enough in the future to allow adaption time

@Elias Mårtenson

Unknown parent

daniel:// stenberg://

Unknown parent • 8 months ago • •

@BradRubenstein curl currently supports twelve different TLS libraries. This discussion concerns three of them. Which maybe by the time next year might no longer be all three...

@Brad Rubenstein “”

Unknown parent

daniel:// stenberg://

Unknown parent • 8 months ago • •

@BradRubenstein haha, awesome!

@Brad Rubenstein “”

in reply to daniel:// stenberg://

SuperIlu

in reply to daniel:// stenberg:// • 8 months ago • •

well, as an embedded (and MS-DOS) developer I would plead to keep it (mbedTLS does not support it)...

⇧

daniel:// stenberg:// 8 months ago • •

daniel:// stenberg://
8 months ago • •