Hi Junio, On Fri, 26 Oct 2018, Junio C Hamano wrote: > Johannes Schindelin <Johannes.Schindelin@xxxxxx> writes: > > > On Fri, 26 Oct 2018, Junio C Hamano wrote: > > > >> * js/mingw-http-ssl (2018-10-26) 3 commits > >> (merged to 'next' on 2018-10-26 at 318e82e101) > >> + http: when using Secure Channel, ignore sslCAInfo by default > >> + http: add support for disabling SSL revocation checks in cURL > >> + http: add support for selecting SSL backends at runtime > >> (this branch is used by jc/http-curlver-warnings.) > >> > >> On Windows with recent enough cURL library, the configuration > >> variable http.sslBackend can be used to choose between OpenSSL and > >> Secure Channel at runtime as the SSL backend while talking over > >> the HTTPS protocol. > > > > Just a quick clarification: the http.sslBackend feature is in no way > > Windows-only. Sure, it was championed there, and sure, we had the first > > multi-ssl-capable libcurl, but this feature applies to all libcurl > > versions that are built with multiple SSL/TLS backends. > > Yeah, but "http.sslBackend can be used to choose betnween OpenSSL > and Scure Channel" applies only to Windows (especially the "between > A and B" part, when B is Windows only), right? I had a hard time > coming up with a phrasing to summarize what the immediate merit > users would get from the topic in a simple paragraph. On Linux, with an appropriately built libcurl, you can use http.sslBackend to choose between OpenSSL, GNU TLS, NSS and mbedTLS. > > The two patches on top are Windows-only, of course, as they really apply > > only to the Secure Channel backend (which *is* Windows-only). > > Yes, that is why the summary for the topic as a whole focuses on > Windows, as that is the primary audience who would benefit from the > topic. In contrast, I think that the main purpose of this patch series is to bring http.sslBackend to everybody. And then we also include fall-out patches that are Windows-only. :-) Ciao, Dscho
