On Sat, 23 Feb 2008, Kaspar Brand wrote:

> For details see my findings below; based on them, my recommendation
> would be:
>
> 1) enable TLS extensions by default
>
> 2) in the (lib)curl documentation, point out the fact that
> forcing SSLv3 allows to disable TLS extensions (except for OpenSSL,
> which should be fixed independently)
>
> 3) don't go into all sorts of contortions in order to allow tuning
> single TLS extensions (in some cases, you simply don't have the
> choice of turning off an extension - e.g for ECC)

I'm fine with this. We can always bite the bullet and add tweaks and go
through hoops if someone ends up with a problem. It makes sense to not make a
lot of code for work-arounds to problems that may in fact never show up!

-- 
  Commercial curl and libcurl Technical Support: http://haxx.se/curl.html