On August 20, 2025 5:12 PM, Daniel Stenberg wrote: >To: libcurl hacking <curl-library@lists.haxx.se> >The OpenSSL project themselves doesn't support any version before 3.0, so >presumably there are also no security updates for older versions anymore etc. >That makes them insecure options to use. > >Is there any reason we should keep support for OpenSSL < v3 in curl ? > >Right now we support 1.0.2a or later.
To avoid confusion, it is not OpenSSL v3.0 being dropped. It is the TLS/SSL v3 protocol that is going away. Many packagers have not been building OpenSSL libraries with that protocol for years, me being one of them. AFAIK, OpenSSL v3.0 is LTS until Sept 2026. I'm perfectly happy not to have TLS/SSL v3 in curl anymore (or going back in my T.A.R.D.I.S. even starting in 2021). --Randall -- Unsubscribe: https://lists.haxx.se/mailman/listinfo/curl-library Etiquette: https://curl.se/mail/etiquette.html