cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: [PATCH] support for server name indication (RFC 4366)

From: Daniel Stenberg <daniel_at_haxx.se>
Date: Mon, 25 Feb 2008 08:45:01 +0100 (CET)

On Sat, 23 Feb 2008, Kaspar Brand wrote:

> For details see my findings below; based on them, my recommendation
> would be:
>
> 1) enable TLS extensions by default
>
> 2) in the (lib)curl documentation, point out the fact that
> forcing SSLv3 allows to disable TLS extensions (except for OpenSSL,
> which should be fixed independently)
>
> 3) don't go into all sorts of contortions in order to allow tuning
> single TLS extensions (in some cases, you simply don't have the
> choice of turning off an extension - e.g for ECC)

I'm fine with this. We can always bite the bullet and add tweaks and go
through hoops if someone ends up with a problem. It makes sense to not make a
lot of code for work-arounds to problems that may in fact never show up!

-- 
  Commercial curl and libcurl Technical Support: http://haxx.se/curl.html
Received on 2008-02-25