curl-users
Re: Will curl adopt Google'd approach to SSL?
Date: Tue, 24 May 2011 10:34:09 +0200 (CEST)
On Tue, 24 May 2011, John Mudd wrote:
> Google breakthrough makes SSL less painful
The spec: https://tools.ietf.org/html/draft-bmoeller-tls-falsestart-00
The Chrome details:
http://blog.chromium.org/2011/05/ssl-falsestart-performance-results.html
This is a way to make the SSL handshake avoid a round-trip. curl uses third
party libraries for the SSL protocol implementation so as soon as the
underlying TLS/SSL library implements this then curl can use it.
Chrome uses NSS for SSL/TLS so I would assume that this feature will go or
already has done into NSS upstream so curl built to use NSS should be capable
of using this trick. Now or soon.
I expect (some) other SSL libraries to follow in their footsteps, assuming
they've not taken too steep shortcuts (I'm not really that knowledgeable of
the SSL protocol details to tell for sure what protocol violations they did or
didn't do.)
It should certainly be possible for early adopters and interested persons to
charge ahead and push towards getting this tested with curl. Then tell us what
you learned!
-- / daniel.haxx.se ------------------------------------------------------------------- List admin: http://cool.haxx.se/list/listinfo/curl-users FAQ: http://curl.haxx.se/docs/faq.html Etiquette: http://curl.haxx.se/mail/etiquette.htmlReceived on 2011-05-24