Personally, I would find value in having the NSS backend supported by the
buildbots. I got curl to build with NSS on .27, but forgot how (lost build
environment entirely) and now I can't get it working on newer versions. For my
use case I must have the ability to select certs from a card and I can't figure
a way to do that with openSSL's assumptions of having a key file. NSS lets me
just name the cert and connect NSS to the crypto library that can read the
proprietary card applets. Sadly, there aren't many of us care about NSS and
I'm a script kiddie rather a developer.
I remember Gunter once provided a Windows binary to someone years ago, but I
think the NSS/curl relationship on Windows has gotten more broken since then.
Still, great tool when I don't have to work on Windows with smart cards that
have no way to function on Linux. I hate proprietary implementations.
________________________________
From: Marc Hoersken <[email protected]>
To: [email protected]
Sent: Saturday, June 14, 2014 2:44 PM
Subject: Re: [Survey] What people want us to do next
Daniel, thanks for gathering the feedback!
On 14.06.2014 23:16, Daniel Stenberg wrote:
> up-to-date windows binaries by knauf
If I would know which type of Windows builds are the most frequently
requested ones, I could setup my Windows testing buildbots [1] to
produce curl and libcurl binaries and make them available for download.
> My biggest issue is that the key feature I need is only available with
> the
> OpenSSL backend. For my application (and frankly most others, they
> just don't
> actually care enough), it's essential to be able to control validation
> of the
> server's key while setting up a TLS connection. Without that feature,
> use of
> TLS is completely unsafe for applications, and right now that's OpenSSL
> only. So the portability to other back-ends is both not useful, and has
> actually caused bugs in the OpenSSL back-end because of the complexity of
> supporting the others.
I understand the concerns regarding the mismatch of the supported
SSL/TLS features by each individual crypto backend, but I actually think
that supporting different crypto backends is one of curls most valuable
assets. Of course, the vtls abstraction and especially the niche
backends definitely require some hard work and love.
[1] http://curlbuild.uxnr.de/waterfall
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
