Post by Richard KettlewellPost by Richard KettlewellPost by Ivan ShmakovYeah. The same kind of utterly insecure software that no one uses
anymore, like GnuTLS, OpenSSL, Linux, GnuPG, Apache httpd, etc.
I didn’t say “the objection to continuing to use”, I said “the
objection to adopting”.
But I won’t be “adopting” Libcurl! I would continue to use it, like
I had for years, as part of my system, which will now include
RifleBox™ – the new and improved ‘no-nonsense’ revolutionary modular
browser.
The context seemed to be whether Firefox should adopt curl or not.
Indeed, I wasn’t entirely clear. This subthread started with
a mention of Firefox forks, and the observation that as a rule,
they aren’t viable. So, my suggestion was that we need a more
modular codebase (as in: it is actually feasible for a third
party to fork one module while retaining the upstreams for others.)
Somehow, I doubt that Mozilla will go that way (although I’d be
delighted to be proven wrong on this point), so my idea was
indeed about forking Firefox one more time.
That said, Libcurl is in development for over two decades now;
and personally, I’m going to use it whether it’s adopted by a
browser or not. So, will it indeed be any more secure to use
Libcurl in some contexts and some brand new HTTP connectivity
module in others, as opposed to using Libcurl only?
Not to mention that new crypto functions are still being added
to GnuTLS and OpenSSL, – and are still written in the same old C.
How does it not irk, say, the Mozilla developers, I wonder?
--
FSF associate member #7257 http://am-1.org/~ivan/