Buy commercial curl support. We
help you work out your issues, debug your libcurl applications, use the API,
port to new platforms, add new features and more. With a team lead by the
curl founder Daniel himself.
Re: Time to deprecate TLS 1.0 and 1.1 ?
- Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]
From: Jeffrey Walton via curl-library <curl-library_at_lists.haxx.se>
Date: Fri, 11 Jul 2025 06:16:54 -0400
On Fri, Jul 11, 2025 at 6:10 AM Daniel Stenberg via curl-library
<curl-library_at_lists.haxx.se> wrote:
>
> On Fri, 11 Jul 2025, Timothe Litt via curl-library wrote:
>
> > bricking hardware by making it impossible to access them will not make you
> > any friends....
>
> First, if this change would *brick* a device that would be entirely because of
> stupid engineering and not because of curl.
It has been my experience that US DoD, US Federal and US Medical could
encounter problems. That's because of the cost associated with
certifying devices. It does not have anything to do with bad
engineering.
> Then, I would to just say that unless these companies are paying someone for
> curl, we have no particular responsibilities whatsoever towards them and they
> should just be happy what we ship code they can use.
Fair point. If a company is willing to spend $150,000 USD to certify a
device, they should make a donation to cURL for some goodwill.
Jeff
Date: Fri, 11 Jul 2025 06:16:54 -0400
On Fri, Jul 11, 2025 at 6:10 AM Daniel Stenberg via curl-library
<curl-library_at_lists.haxx.se> wrote:
>
> On Fri, 11 Jul 2025, Timothe Litt via curl-library wrote:
>
> > bricking hardware by making it impossible to access them will not make you
> > any friends....
>
> First, if this change would *brick* a device that would be entirely because of
> stupid engineering and not because of curl.
It has been my experience that US DoD, US Federal and US Medical could
encounter problems. That's because of the cost associated with
certifying devices. It does not have anything to do with bad
engineering.
> Then, I would to just say that unless these companies are paying someone for
> curl, we have no particular responsibilities whatsoever towards them and they
> should just be happy what we ship code they can use.
Fair point. If a company is willing to spend $150,000 USD to certify a
device, they should make a donation to cURL for some goodwill.
Jeff
-- Unsubscribe: https://lists.haxx.se/mailman/listinfo/curl-library Etiquette: https://curl.se/mail/etiquette.htmlReceived on 2025-07-11