On Thu, Mar 25, 2021, Rohan Kumar wrote: > On Thu, Mar 25, 2021 at 08:41:16AM +0100, almaember wrote: >> Either way, even if we can't get in cURL right now, a C based Gemini >> library would be really important > > Good news: this exists! Building https://sr.ht/~sircmpwn/gmni will build > the libgmni library, is linked into the gmni (cURL-like) and gmnlm > clients. All three are in the same repo. Note that gmni recently switched to BearSSL, which does not support TLS 1.3. I'll repeat what I wrote on the spec issue tracker: OpenSSL, LibreSSL, GnuTLS, wolfSSL and BoringSSL all support TLS 1.3. BearSSL is the only TLS library I know of which doesn't. TLS 1.3 is on its roadmap [1], but the last BearSSL release was in August 2018 and the project has been less and less active [2] since. [1] https://bearssl.org/tls13.html [2] https://bearssl.org/gitweb/?p=BearSSL;a=summary Phasing out TLS 1.2 is one of the Gemini project's aspirations, as stated in the spec: > TLS 1.2 is reluctantly permitted for now to avoid drastically reducing > the range of available implementation libraries. Hopefully TLS 1.3 or > higher can be specced in the near future. Clients who wish to be > "ahead of the curve MAY refuse to connect to servers using TLS version > 1.2 or lower. Client developers can use gemini://egsam13.glv.one/ to test TLS 1.3 compatibility.
---
Previous in thread (22 of 26): 🗣️ Stephane Bortzmeyer (stephane (a) sources.org)
Next in thread (24 of 26): 🗣️ Drew DeVault (sir (a) cmpwn.com)