On August 20, 2025 5:12 PM, Daniel Stenberg wrote:
>To: libcurl hacking <curl-library@lists.haxx.se>
>The OpenSSL project themselves doesn't support any version before 3.0, so
>presumably there are also no security updates for older versions anymore
etc.
>That makes them insecure options to use.
>
>Is there any reason we should keep support for OpenSSL < v3 in curl ?
>
>Right now we support 1.0.2a or later.

To avoid confusion, it is not OpenSSL v3.0 being dropped. It is the TLS/SSL
v3 protocol
that is going away. Many packagers have not been building OpenSSL libraries
with
that protocol for years, me being one of them.

AFAIK, OpenSSL v3.0 is LTS until Sept 2026.

I'm perfectly happy not to have TLS/SSL v3 in curl anymore (or going back in
my
T.A.R.D.I.S. even starting in 2021).

--Randall

-- 
Unsubscribe: https://lists.haxx.se/mailman/listinfo/curl-library
Etiquette:   https://curl.se/mail/etiquette.html

Reply via email to