Jorge wrote:
On Mon, Jun 20, 2016 at 10:10:54AM +0200, Johannes Hofmann wrote:
On Sun, Jun 19, 2016 at 08:48:28PM +0000, eocene wrote:
I wanted to see what it would take to use mbed tls with dillo.
I put a copy of the diff at http://www.dillo.org/test/mbedtls.diff and I mention it here in case someone should want that one day.
Excellent. I like mbedtls (formerly known as PolarSSL). The code looks much saner to me than openssl.
If you both agree it's a better lib than OpenSSL, +1.
All right, then. *commits* If you need mbed TLS 2.x: https://tls.mbed.org/download If you watch the MSGs, you'll see I've turned off the certificate chain printing and instead show a more concise summary at shutdown of which root certificates were used to verify communication with which servers. And at startup it'll tell you how many such certificates you are trusting. By default, I had 174, but I've trimmed them down on this computer to...twenty at the moment because I never need the ones from certificate authorities in China, Turkey, Hungary, etc.