Buy commercial curl support. We
help you work out your issues, debug your libcurl applications, use the API,
port to new platforms, add new features and more. With a team lead by the
curl founder Daniel himself.
Re: OpenSSL < v3 ?
- Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]
From: Patrick Schlangen via curl-library <curl-library_at_lists.haxx.se>
Date: Thu, 21 Aug 2025 07:49:42 +0000
Hi,
how would this affect the ability to use aws-lc, which seems to aim at being API compatible with OpenSSL 1.1.1? (This might have changed meanwhile?)
Right now it works well with curl, and it would be quite sad if this stops to work, given the performance issues of OpenSSL 3.x. [1]
Thanks,
Patrick
[1] https://www.haproxy.com/blog/state-of-ssl-stacks
Am 20.08.2025 um 23:12 schrieb Daniel Stenberg via curl-library <curl-library_at_lists.haxx.se>:
Hi team,
The OpenSSL project themselves doesn't support any version before 3.0, so presumably there are also no security updates for older versions anymore etc. That makes them insecure options to use.
Is there any reason we should keep support for OpenSSL < v3 in curl ?
Right now we support 1.0.2a or later.
--
/ daniel.haxx.se || https://rock-solid.curl.dev
--
Unsubscribe: https://lists.haxx.se/mailman/listinfo/curl-library
Etiquette: https://curl.se/mail/etiquette.html
Date: Thu, 21 Aug 2025 07:49:42 +0000
Hi,
how would this affect the ability to use aws-lc, which seems to aim at being API compatible with OpenSSL 1.1.1? (This might have changed meanwhile?)
Right now it works well with curl, and it would be quite sad if this stops to work, given the performance issues of OpenSSL 3.x. [1]
Thanks,
Patrick
[1] https://www.haproxy.com/blog/state-of-ssl-stacks
Am 20.08.2025 um 23:12 schrieb Daniel Stenberg via curl-library <curl-library_at_lists.haxx.se>:
Hi team,
The OpenSSL project themselves doesn't support any version before 3.0, so presumably there are also no security updates for older versions anymore etc. That makes them insecure options to use.
Is there any reason we should keep support for OpenSSL < v3 in curl ?
Right now we support 1.0.2a or later.
--
/ daniel.haxx.se || https://rock-solid.curl.dev
--
Unsubscribe: https://lists.haxx.se/mailman/listinfo/curl-library
Etiquette: https://curl.se/mail/etiquette.html
-- Unsubscribe: https://lists.haxx.se/mailman/listinfo/curl-library Etiquette: https://curl.se/mail/etiquette.htmlReceived on 2025-08-21