Right, For all reasons, see RFC 8996 => https://datatracker.ietf.org/doc/html/rfc8996
Who would get upset? Proposed approach: 1. We change the default (CURL_SSLVERSION_DEFAULT) and v1 (CURL_SSLVERSION_TLSv1) to mean >= 1.2 in 8.16.0 (September 2025 release) 2. We give everyone six more months to adapt, protest or similar and then in March 2026 we make libcurl return error if asked to use anything lower than 1.2 3. In march 2026 (around 8.20.0) we ship without support for TLS < 1.2 Any problems with this? -- / daniel.haxx.se || https://rock-solid.curl.dev -- Unsubscribe: https://lists.haxx.se/mailman/listinfo/curl-library Etiquette: https://curl.se/mail/etiquette.html
