Re: Question about SSL Session Tickets
On Mon, 19 Aug 2019, Joachim Mammele via curl-library wrote: According to https://vincent.bernat.ch/en/blog/2011-ssl-session-reuse-rfc5077 it is necessary to send and empty "session_ticket" extension in the Client Hello message. Is this possible to do with CURL? I don't think it is. I saw that there are alrady some issues related to this topic: https://github.com/curl/curl/pull/3060 related to Session Tickets, is this in the master now? (it seems that this is only for NSS but not for OpenSSL?) It didn't get merged. It was just closed with "Abandoned. Closing." in February 13 2019. https://github.com/curl/curl/pull/2220 This pull-request didn't make it into master, did it? Nope, that too was abandoned and subsequently closed. Clearly some people have considered this subject before but it seems nobody yet could get the work all the way through to get merged! Is my question related to the following TODO? https://curl.haxx.se/docs/todo.html#Cache_share_OpenSSL_contexts That TODO isn't related to tickets at all, but mentions a potential way to share "contexts" across handles as a means of speeding up multiple TLS-using connections. -- / daniel.haxx.se | Get the best commercial curl support there is - from me | Private help, bug fixes, support, ports, new features | https://www.wolfssl.com/contact/ --- Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library Etiquette: https://curl.haxx.se/mail/etiquette.html
[poll comment] "SNMP request/reply support"
Another suggestion from the poll. (SNMP is not currently supported by curl.) I'm not personally fluent in SNMP so I would need to do this together with someone who is and someone who has an existing use case that could drive it - so that it becomes a less theoretical and more practical exercise. I found that RFC 4088 defines the URL syntax but can we really view such SNMP requests and replies as "transfers" ? What kind of data does such a transfer return? Ideas? Thoughts? -- / daniel.haxx.se | Get the best commercial curl support there is - from me | Private help, bug fixes, support, ports, new features | https://www.wolfssl.com/contact/ --- Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library Etiquette: https://curl.haxx.se/mail/etiquette.html
[poll comment] "Bandwidth limit settings on the multi interface"
Suggested in the free-form field in the roadmap poll. Years ago implemented this feature as an experiment but it turned out pretty complicated. If you do X transfers and they have N bytes/sec allowance in aggregate, it is a hard challange to distribute the available bandwidth on the transfers in a way that would resemeble a lower bandwidth connection (which I assume you'd like from such a feature). We can already set bandwith caps per transfer so this feature is more just a problem to make sure all transfers use th given bandwidth as good as possible but without starving invididual transfers... If someone has thoughts on this, we could discuss! -- / daniel.haxx.se | Get the best commercial curl support there is - from me | Private help, bug fixes, support, ports, new features | https://www.wolfssl.com/contact/ --- Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library Etiquette: https://curl.haxx.se/mail/etiquette.html
[poll comment] "curl needs more tests"
Hi, I totally agree with this, since as long as there are protocols and code in the project that isn't tested and covered by at least one test case we're not good enough. That said, it is also a question of getting return on invested time and energy so I'm very curious which current areas of curl that people find there's a *problem* with due to lack of tests. -- / daniel.haxx.se | Get the best commercial curl support there is - from me | Private help, bug fixes, support, ports, new features | https://www.wolfssl.com/contact/ --- Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library Etiquette: https://curl.haxx.se/mail/etiquette.html
Re: Informal 2019/2020 curl roadmap poll
On Mon, 19 Aug 2019, Aleksandar Lazic wrote: This ^^ service for example only offers a very basic poll functionality and can't host an 11-question poll the way this roadmap thing is. What's your requirements for the polling solution. I will then try to find another solution instead of g..forms. I don't know, but I want to be able to add a number of questions and have the ability to select different kinds of answers. Multi answer, checkboxes, graded etc. I don't want to be limited to a fixed number of respondees. And of course the answers need to be collected and provided in a decent way. surveymonkey and typeform are for example two excellent such services, but IIRC both become pretty pricy when the free tier isn't enough and when I've played with them the free version wasn't enough. -- / daniel.haxx.se | Get the best commercial curl support there is - from me | Private help, bug fixes, support, ports, new features | https://www.wolfssl.com/contact/ --- Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library Etiquette: https://curl.haxx.se/mail/etiquette.html
Re: Informal 2019/2020 curl roadmap poll
Am 19.08.19 um 09:19 schrieb Daniel Stenberg: > On Sun, 18 Aug 2019, Aleksandar Lazic wrote: > >>> - ESNI >> >> First: +1 >> >>> - MQTT >> >> Second: +1 > > Going by the responses we've seen so far, that seems to match what others > think > as well... > >> Maybe you can switch from google forms to a more privacy oriented poll >> service >> like. > > Sure! I've tried out several competitors but none has been as flexible or > offered the same no-cost approach. I'm open to keep trying others. Most others > I've tried limits the surveys in various ways in their free tiers and I've > found > the paid levels too expensive for my use cases. > >> https://poll.digitalcourage.de/?lang=en > > This ^^ service for example only offers a very basic poll functionality and > can't host an 11-question poll the way this roadmap thing is. What's your requirements for the polling solution. I will then try to find another solution instead of g..forms. > (Another small nit could be that the fine print, FAQ etc on the site is all > only > in German which makes me a bit cautious as well.) Sounds like one requirement is Language: English ;-) Reards Aleks --- Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library Etiquette: https://curl.haxx.se/mail/etiquette.html
Re: Informal 2019/2020 curl roadmap poll
On Sat, 17 Aug 2019, Daniel Stenberg via curl-library wrote: [the poll is still open] https://docs.google.com/forms/d/e/1FAIpQLSe-T5IrWq73d6QXvdsn8zVhCWKHCwq97J7KrNktOPL0g2Y7pA/viewform Just an idea: If you fill in a suggestion in the free form field at the end of the poll, do consider elaborating further here on the mailing list. (Otherwise *I* will do that to kick off some attempt of discussion and starting point...) -- / daniel.haxx.se | Get the best commercial curl support there is - from me | Private help, bug fixes, support, ports, new features | https://www.wolfssl.com/contact/ --- Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library Etiquette: https://curl.haxx.se/mail/etiquette.html
Question about SSL Session Tickets
Hi, I'm trying to get data from an embedded device and for this I would like to use Session Tickets. According to https://vincent.bernat.ch/en/blog/2011-ssl-session-reuse-rfc5077 it is necessary to send and empty "session_ticket" extension in the Client Hello message. Is this possible to do with CURL? I'm using CURL 7.64.1 and OpenSSL 1.0.2e on Windows 10 but also have plans to compile/use my application on Linux. I saw that there are alrady some issues related to this topic: https://github.com/curl/curl/pull/3060 related to Session Tickets, is this in the master now? (it seems that this is only for NSS but not for OpenSSL?) https://github.com/curl/curl/pull/2220 This pull-request didn't make it into master, did it? Is my question related to the following TODO? https://curl.haxx.se/docs/todo.html#Cache_share_OpenSSL_contexts Any help would be appreciated. Thanks J. Mammele Geschäftsführung: Susanne Kunschert, Thomas Pilz Pilz GmbH & Co. KG, Sitz: Ostfildern, HRA 210 893, Amtsgericht Stuttgart Kompl. Ges. Peter Pilz GmbH, Sitz: Ostfildern, HRB 210 612, Amtsgericht Stuttgart Umsatzsteuer: ID-Nr. DE 145 355 773, WEEE-Reg.-Nr. DE 71636849 This email is intended solely for the use of the named address(es). Any unauthorised disclosure, copying or distribution of these confidential information contained therein, or the taking of any action based on it, is prohibited. The sender disclaims any liability for the integrity of this email. Legally binding declarations must be in written form. Umweltschutz liegt uns am Herzen! - Bitte denken Sie an unsere Umwelt, bevor Sie diese E-Mail drucken. We do care about the environment! - Please consider the environment before printing this e-mail. --- Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library Etiquette: https://curl.haxx.se/mail/etiquette.html
Re: Informal 2019/2020 curl roadmap poll
On Sun, 18 Aug 2019, Aleksandar Lazic wrote: - ESNI First: +1 - MQTT Second: +1 Going by the responses we've seen so far, that seems to match what others think as well... Maybe you can switch from google forms to a more privacy oriented poll service like. Sure! I've tried out several competitors but none has been as flexible or offered the same no-cost approach. I'm open to keep trying others. Most others I've tried limits the surveys in various ways in their free tiers and I've found the paid levels too expensive for my use cases. https://poll.digitalcourage.de/?lang=en This ^^ service for example only offers a very basic poll functionality and can't host an 11-question poll the way this roadmap thing is. (Another small nit could be that the fine print, FAQ etc on the site is all only in German which makes me a bit cautious as well.) -- / daniel.haxx.se | Get the best commercial curl support there is - from me | Private help, bug fixes, support, ports, new features | https://www.wolfssl.com/contact/--- Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library Etiquette: https://curl.haxx.se/mail/etiquette.html