On Sat, 7 Dec 2024, Scott Talbert via curl-library wrote:
1) Extend the ca-embed functionality so that it works with libcurl and the CA store could be bundled with libcurl. Is there a reason ca-embed was restricted to just the curl tool?
I argued for the logic to be done in the tool, because I don't think it is necessary for the library to do it. A bundled CA store is complicated already as it forces you to update the application regularly instead of just updating an external text file.
After all, it is ultimately the user of the library that decides what CA store to use and the application is the user.
If you want this functionality for your application, you can just do the same as the curl tool does. libcurl provides the APIs that make it possible.
2) Implement some sort of runtime CA bundle auto-detection, similar to the compile-time one. It seems there is already support for this on Windows, but similarly only with the curl tool.
Why do this in libcurl when you can with less effort do that logic in your application? Then you can make it work exactly the way you want it to, without having to care about others.
-- / daniel.haxx.se || https://rock-solid.curl.dev -- Unsubscribe: https://lists.haxx.se/mailman/listinfo/curl-library Etiquette: https://curl.se/mail/etiquette.html
