cURL / Mailing Lists / curl-library / Single Mail


RE: Report on SSL cipher being used

From: Daniel Stenberg <>
Date: Mon, 7 Jan 2013 13:59:27 +0100 (CET)

On Mon, 7 Jan 2013, Philip Montrowe wrote:

>> So, back to the subject at hand: I suggested a way that could offer a
>> consistent API independently of the SSL backend. Is there a particular
>> reason that wouldn't work?
> OpenSSL provides about five items of information including the ciphername,
> description, number of bits, and number of "secret bits". Any general
> interface I think would have to provide all the information. I certainly
> have a mandate to report on the bit numbers.

Right, that might very well be true. I haven't personally investigated the
subject in depth enough to tell for sure.

> But I know nothing about the 19 other providers aside from OpenSSL, so at
> this point I will have to bow out as I do not have the resource and time I
> would need to assist in this.

Nobody is expecting you or any other single individual to work everything out
on their own. If everyone contributes a little we might eventually end up with
a combined great result. If instead nobody contributes we won't get anywhere.

We could implement support for this feature for a given SSL library first
(like OpenSSL) and then work on providing said data for the other backends.

List admin:
Received on 2013-01-07