cURL / Mailing Lists / curl-users / Single Mail

curl-users

Re: Will curl adopt Google'd approach to SSL?

From: Daniel Stenberg <daniel_at_haxx.se>
Date: Tue, 24 May 2011 10:34:09 +0200 (CEST)

On Tue, 24 May 2011, John Mudd wrote:

> Google breakthrough makes SSL less painful

The spec: https://tools.ietf.org/html/draft-bmoeller-tls-falsestart-00

The Chrome details:
http://blog.chromium.org/2011/05/ssl-falsestart-performance-results.html

This is a way to make the SSL handshake avoid a round-trip. curl uses third
party libraries for the SSL protocol implementation so as soon as the
underlying TLS/SSL library implements this then curl can use it.

Chrome uses NSS for SSL/TLS so I would assume that this feature will go or
already has done into NSS upstream so curl built to use NSS should be capable
of using this trick. Now or soon.

I expect (some) other SSL libraries to follow in their footsteps, assuming
they've not taken too steep shortcuts (I'm not really that knowledgeable of
the SSL protocol details to tell for sure what protocol violations they did or
didn't do.)

It should certainly be possible for early adopters and interested persons to
charge ahead and push towards getting this tested with curl. Then tell us what
you learned!

-- 
  / daniel.haxx.se
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-users
FAQ:        http://curl.haxx.se/docs/faq.html
Etiquette:  http://curl.haxx.se/mail/etiquette.html

Received on 2011-05-24

This message: [ Message body ]
Next message: Raul: "Curl on Windows, SFTP and proxy, sftp not supported??"
Previous message: John Mudd: "Will curl adopt Google'd approach to SSL?"
In reply to: John Mudd: "Will curl adopt Google'd approach to SSL?"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]