curl-library
RE: Report on SSL cipher being used
Date: Mon, 7 Jan 2013 13:59:27 +0100 (CET)
On Mon, 7 Jan 2013, Philip Montrowe wrote:
>> So, back to the subject at hand: I suggested a way that could offer a
>> consistent API independently of the SSL backend. Is there a particular
>> reason that wouldn't work?
>
> OpenSSL provides about five items of information including the ciphername,
> description, number of bits, and number of "secret bits". Any general
> interface I think would have to provide all the information. I certainly
> have a mandate to report on the bit numbers.
Right, that might very well be true. I haven't personally investigated the
subject in depth enough to tell for sure.
> But I know nothing about the 19 other providers aside from OpenSSL, so at
> this point I will have to bow out as I do not have the resource and time I
> would need to assist in this.
Nobody is expecting you or any other single individual to work everything out
on their own. If everyone contributes a little we might eventually end up with
a combined great result. If instead nobody contributes we won't get anywhere.
We could implement support for this feature for a given SSL library first
(like OpenSSL) and then work on providing said data for the other backends.
-- / daniel.haxx.se ------------------------------------------------------------------- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.htmlReceived on 2013-01-07