1
0
mirror of https://github.com/moparisthebest/curl synced 2024-12-23 16:48:49 -05:00

ROADMAP: updates and cleanups

Fix the HSTS PR

Remove DoT, thread-safe init and hard-coded localhost. I feel very
little interest for these with users so I downgrade them to plain "TODO"
entries again.
This commit is contained in:
Daniel Stenberg 2020-09-28 17:03:20 +02:00
parent abeeffb11c
commit 422b257fef
No known key found for this signature in database
GPG Key ID: 5CC908FDB71E12C2

View File

@ -8,36 +8,12 @@ participation.
HSTS
----
Complete and merge [the existing PR](https://github.com/curl/curl/pull/2682).
Merge [the existing PR](https://github.com/curl/curl/pull/5896).
Loading a huge preload file is probably not too interesting to most people,
but using a custom file and reacting to HSTS response header probably are
good features.
DNS-over-TLS
------------
Similar to DNS-over-HTTPS. Could share quite a lot of generic code.
ESNI (Encrypted SNI)
--------------------
ECH (Encrypted Client Hello - formerly known as ESNI)
-----------------------------------------------------
See Daniel's post on [Support of Encrypted
SNI](https://curl.haxx.se/mail/lib-2019-03/0000.html) on the mailing list.
Initial work exists in https://github.com/curl/curl/pull/4011
thread-safe `curl_global_init()`
--------------------------------
Fix the libcurl specific parts of the function to be thread-safe. Make sure
it can be thread-safe if built with thread-safe 3rd party libraries.
(probably can't include `curl_global_init_mem()` for obvious reasons)
Hardcode “localhost”
--------------------
No need to resolve it. Avoid a risk where this is resolved over the network
and actually responds with something else than a local address. Some
operating systems already do this. Also:
https://tools.ietf.org/html/draft-ietf-dnsop-let-localhost-be-localhost-02