curl-library
RE: RE: [PATCH v2] Update docs for recent SPNEGO and GSS-API changes
Date: Tue, 12 Aug 2014 00:01:46 +0200 (CEST)
On Mon, 11 Aug 2014, Steve Holme wrote:
> It really depends on the route that Daniel wants to take with it. For
> example I see the Kerberos4 line contains a link to both MIT Kerberos and
> the kth-krb4 package, howerver, OpenSSL, NSS and yassl are all listed as SSL
> libraries each with their own entry - some would argue that the entries for
> NSS and yassl are also identical.
That page has really just not gotten any attention for years. I just removed
krb4 from it now and cleaned it off a lot of details that aren't really
suitable for it.
> The headers in the table say "Library" and "Used for", what I've done fits
> that model - I appreciate the krb4 entry doesn't do this so there is some
> inconsistency there but if I implemented exactly what you wrote then that
> would be a second inconsistency as GSS-API, as you know, is a technology
> rather than a single library.
Yeah, the page should list which dependencies (lib)curl can use and what for.
I don't mind at all if we totally change the layout, skip the table or what
not but I think it'd be great to have a single page that explains all 3rd
party libraries that libcurl can possibly be using - directly.
> * OpenSSL can be used for SSL and TLS.
> * I'm not sure listing http next to SSL or TLS is the correct thing to do as
> it is used for all the SSL based protocols as well as those protocols that
> support explicit upgrades.
Yeah, we could probably have a whole separate section of that page for just
TLS libraries, with a pointer to http://curl.haxx.se/docs/ssl-compared.html
too.
> * I don't think krb4 should be listed anymore
Gone!
> *Although not a library that a developer compiles but you could argue that
> Windows SSPI should be listed
Perhaps, although it isn't 3rd party and is bundled with the OS already. But
perhaps the page could be viewed as "different ways you could build libcurl to
use different libraries for various features" ...
> * Other SSL libraries such as CyaSSL, GSKit, gtls, PolarSSL, BoringSSL and
> LibreSSL should possibly be included.
They could indeed!
> * Perhaps the "Used for" column should be just a list of technology (such
> as: SSL, NTLM, Kerberos and a third "Desciption" column and possibly a
> fourth "Download" column.
Except for the download, I agree. Let's stick to just link to the canonical
web page with the most amount of info about it and let that worry about the
download link.
> I'm more than happy for someone else to look at it or rework it and for
> others to comment... To a certain degree I wish I'd not touched it now as
> I've not more import stuff to be hacking together ;-)
There's really no hurry with it anyway.
And as a reminder to everyone: the web site is (mostly) available at
https://github.com/bagder/curl-www and we welcome patches for that too!
-- / daniel.haxx.se ------------------------------------------------------------------- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.htmlReceived on 2014-08-12