curl / Mailing Lists / curl-library / Single Mail

curl-library

Re: Mozilla CA Certificates, UTF-8

From: Daniel Stenberg <daniel_at_haxx.se>
Date: Thu, 17 May 2018 00:51:15 +0200 (CEST)

On Wed, 16 May 2018, Zach van Rijn wrote:

> two entries (lines 1171 and 2638 respectively) have comments that are in
> UTF-8, which I noticed today, pasted below for reference:

...

> Should these be converted [via 'mk-ca-bundle'], ignored [leave the file
> as-is] or some other option?

I think that as long as nobody reports a problem with them being left as-is we
can just let them be. Unless someone feels an urge to dig in and figure out
what the "right" way forward is here.

> My second question is, would there be any interest in having an "in-memory"
> certificate option? I see an example [3] for OpenSSL, but am considering
> adding something like 'ssl_camem' in addition to 'ssl_cafile' and
> 'ssl_capath' [4], and the respective easy-opt flag, perhaps 'CURLOPT_CAMEM'
> to specify a char * pointing to in- memory contents of that CA file.

I think there is an interest. This subject has been up before[1] and is also
mentioned in the TODO [2].

I don't know how complicated this feature is to implement for other TLS
backends than openssl (and its siblings boringssl/libressl).

[1] = https://github.com/curl/curl/issues/2310
[2] = https://curl.haxx.se/docs/todo.html#Support_in_memory_certs_ca_certs

-- 
  / daniel.haxx.se
-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette:   https://curl.haxx.se/mail/etiquette.html
Received on 2018-05-17