curl-users
Re: Reg : How to support both TLS and SSL
Date: Thu, 24 Sep 2009 08:31:58 +0200 (CEST)
On Wed, 23 Sep 2009, Deepesh Damodaran wrote:
>> The "AUTH TLS" vs "AUTH SSL" is just a matter of what command the server is
>> made to serve. Earlier implementations preferred SSL I believe, while
>> latter servers and the RFC say TLS.
>
> [Deepesh] - I got your explanation. From end user perspective, some user
> expects SSL & some expect TLS.
There are several angles on this of course.
The users making a difference on SSL or TLS most often don't know what they're
talking about. And if they do know what they talk about, they should know that
the "SSL" or "TLS" part of the "AUTH" command is not what this is about.
It's your job to deal with your users and explain to them how things work.
curl already offer either SSL or TLS with command line options (-2, -3, -0),
what else would they need?
> How do we handle SSL or TLS based on downstream server configuration ?
I don't understand. You mean the remote FTPS server?
You try the SSL vs TLS commands in the order you prefer, and you use the
SSL/TLS version you prefer.
> end user seem to understand TLS or SSL as altogether different protocols.
Tell them to go read a book or use google.
> What would be the right explanation as downstream FTP server behaviour when
> curl initiaties a SSL or TLS command.
I explain the details to you, you explain those details converted to the user
lingo your users understand!
> From end user how does FTP server handle TLS or SSL commands.
End users don't care about server commands at all mostly.
-- / daniel.haxx.se ------------------------------------------------------------------- List admin: http://cool.haxx.se/cgi-bin/mailman/listinfo/curl-users FAQ: http://curl.haxx.se/docs/faq.html Etiquette: http://curl.haxx.se/mail/etiquette.htmlReceived on 2009-09-24