On Fri, Oct 17, 2025 at 11:57 AM Daniel Stenberg via curl-library <[email protected]> wrote: > > On Fri, 17 Oct 2025, curl.stunt430--- via curl-library wrote: > > > I hope this can be fixed to not be a source of confusion. Thanks! > > I think it would be a little against the point of this option to require > certificate verification as well.
++. Host key pinning is a strong security control. I prefer it over other forms that incorporate trust. > Proposed fix, update the comment: https://github.com/curl/curl/pull/19105 Jeff -- Unsubscribe: https://lists.haxx.se/mailman/listinfo/curl-library Etiquette: https://curl.se/mail/etiquette.html
