Changelog Development Documentation Download libcurl Mailing Lists News
cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: Proposed changes to SSL comparison documentation

From: David Strauss <david_at_davidstrauss.net>
Date: Sat, 4 May 2013 19:34:33 -0700

It would be useful to include SNI support in the comparison. cURL has
supported SNI since 7.18.1, but the library has to support it, too. I
know older versions of Microsoft's libraries lack it, notably on
Windows XP.

"[NSS] suffers a bit from being seen as only used by Mozilla's browser
and mail client by project members."

That seems awfully subjective. Fedora and related distributions make
broad use of NSS, including for their standard cURL builds.

On Sat, May 4, 2013 at 3:56 PM, Steve Holme <steve_holme_at_hotmail.com> wrote:
> On Sat, 4 May 2013, Nick Zitzmann wrote:
>
>> The documentation at <http://curl.haxx.se/docs/ssl-compared.html>
>> is missing sections for Windows- and Darwin-native SSL, and also
>> doesn't mention a few key differences between engines, like
>> whether they're database-driven or file-driven or both, or their
>> support for CRL (none, manual, or automatic). I've made some
>> proposed revisions; can the rest of you take a look and tell me
>> what you think?
>
> Generally speaking, I like what you've done here Nick... The comparison is a
> lot more informative and information more useful. However I have a few
> comments:
>
> * Would it be better to state *nix rather than Unix in the platform list?
> * Do we need to include both Windows CE and NT in the platform list - Does
> libcurl still compile on CE? Probable answer is yes but I just wanted to
> raise the question.
> * I'm not sure about the version number for Secure Channel being "Windows
> 7". In some respects I would rather see v6.1.7601 as that is the version
> number for Windows 7 SP1 and covers both Windows 7 and Windows Server 2008
> R2 but then maybe it should be v6.2.9200 for Windows 8 and Windows Server
> 2012 being the latest version of the OS.
> * Rather than stating "Not present in older versions of OpenSSL" do you know
> the required version of OpenSSL for TLS SRP?
> * You're missing a full stop at the end of the QSOSSL details line -
> "OS/400" should be "OS/400." for consistency ;-)
>
> I hope my feedback helps
>
> Steve
> -------------------------------------------------------------------
> List admin: http://cool.haxx.se/list/listinfo/curl-library
> Etiquette: http://curl.haxx.se/mail/etiquette.html 

-- 
David Strauss
   | david_at_davidstrauss.net
   | +1 512 577 5827 [mobile]
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette:  http://curl.haxx.se/mail/etiquette.html
Received on 2013-05-05