Buy commercial curl support from WolfSSL. We help you work
out your issues, debug your libcurl applications, use the API, port to new
platforms, add new features and more. With a team lead by the curl founder
himself.
Re: NSS deprecation
- Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]
From: Daniel Stenberg via curl-library <curl-library_at_lists.haxx.se>
Date: Thu, 10 Mar 2022 15:05:54 +0100 (CET)
On Thu, 10 Mar 2022, Aaltonen Eero via curl-library wrote:
> At the moment, only the NSS version of curl supports PKCS#11 card
> certificate based client authentication.
Maybe, but I don't think it's the only option that can be made to handle them.
> AFAIK most cross OS browsers use NSS. At least Chrome and Opera link to it.
Chrome (and thus all the ones built on Chromium) switched to using BoringSSL
many years ago. Firefox is the last major browser that uses NSS and probably
the last major application over all. Assuming we still consider Firefox major.
>> NSS is harder than ever to find documentation for
>
> Uh. Have to somewhat agree here. Although they seem to have gotten
> their documentation rework somewhat done
This is of course highly subjective but their docs were always abysmal, so
when we can't even find that, the situation is pretty dire.
>> NSS was always "best" used with Red Hat Linux when they provided
>> additionalfeatures on top
>
> Not sure what these features are
The ability to load a CA bundle from file is the primary one I thought of.
Date: Thu, 10 Mar 2022 15:05:54 +0100 (CET)
On Thu, 10 Mar 2022, Aaltonen Eero via curl-library wrote:
> At the moment, only the NSS version of curl supports PKCS#11 card
> certificate based client authentication.
Maybe, but I don't think it's the only option that can be made to handle them.
> AFAIK most cross OS browsers use NSS. At least Chrome and Opera link to it.
Chrome (and thus all the ones built on Chromium) switched to using BoringSSL
many years ago. Firefox is the last major browser that uses NSS and probably
the last major application over all. Assuming we still consider Firefox major.
>> NSS is harder than ever to find documentation for
>
> Uh. Have to somewhat agree here. Although they seem to have gotten
> their documentation rework somewhat done
This is of course highly subjective but their docs were always abysmal, so
when we can't even find that, the situation is pretty dire.
>> NSS was always "best" used with Red Hat Linux when they provided
>> additionalfeatures on top
>
> Not sure what these features are
The ability to load a CA bundle from file is the primary one I thought of.
-- / daniel.haxx.se | Commercial curl support up to 24x7 is available! | Private help, bug fixes, support, ports, new features | https://curl.se/support.html -- Unsubscribe: https://lists.haxx.se/listinfo/curl-library Etiquette: https://curl.haxx.se/mail/etiquette.htmlReceived on 2022-03-10