curl / Mailing Lists / curl-library / Single Mail
Buy commercial curl support from WolfSSL. We help you work out your issues, debug your libcurl applications, use the API, port to new platforms, add new features and more. With a team lead by the curl founder himself.

Has the time come to drop NSS?

From: Daniel Stenberg via curl-library <curl-library_at_lists.haxx.se>
Date: Fri, 28 Jan 2022 08:56:33 +0100 (CET)

Hello,

This morning we got a fresh issue [1] filed that involves the NSS library.

When I started to investigate this I ran a few google searches for some of the
invovled functions in NSS, such as PR_Recv, only to realize that there just is
no documentation for this to be found online anymore - anywhere. At least my
searches fell short. (Which made me file [2])

This is not in itself an alarming situation for us right now, since we can
still just use it like before, but to be this is a very clear sign that the
NSS team doesn't even bother anymore. To me, this is a clear sign they've
stopped caring and a message for us to reconsider if leaning on this leg is a
good idea for our users. Going forward into the mist with no map is not the
future I want.

Is it time to drop support for NSS?

I don't think any distribution is shipping curl build with NSS by default
anymore. I know there still are users of it, like the issue that triggered me
into this shows, but I think most users can be transitioned over to other TLS
backends.

Maybe we should set a date, maybe late 2022 and if things are still as
grim-looking in NSS-land as today we then say goodbye?

[1] = https://github.com/curl/curl/issues/8341
[2] = https://github.com/mdn/content/issues/12471

-- 
  / daniel.haxx.se
  | Commercial curl support up to 24x7 is available!
  | Private help, bug fixes, support, ports, new features
  | https://curl.se/support.html
-- 
Unsubscribe: https://lists.haxx.se/listinfo/curl-library
Etiquette:   https://curl.haxx.se/mail/etiquette.html
Received on 2022-01-28