From: Daniel Stenberg <daniel@haxx.se>
Date: Mon, 27 May 2024 08:13:40 +0000 (+0200)
Subject: TODO: Add "Share CA cache" + "CA caching to more TLS backends"
X-Git-Tag: curl-8_9_0~384
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=b5655269b36402f1ebda0972f85f2a58d79f8285;p=thirdparty%2Fcurl.git

TODO: Add "Share CA cache" + "CA caching to more TLS backends"

Closes #13787
---

diff --git a/docs/TODO b/docs/TODO
index e5bf092433..4166f2ee45 100644
--- a/docs/TODO
+++ b/docs/TODO
@@ -126,6 +126,8 @@
  13.13 Make sure we forbid TLS 1.3 post-handshake authentication
  13.14 Support the clienthello extension
  13.15 Select signature algorithms
+ 13.16 Share the CA cache
+ 13.17 Add CA caching to more TLS backends
 
  14. GnuTLS
  14.2 check connection
@@ -921,6 +923,19 @@
 
  https://github.com/curl/curl/issues/12982
 
+13.16 Share the CA cache
+
+ For TLS backends that supports CA caching, it makes sense to allow the share
+ object to be used to store the CA cache as well via the share API. Would
+ allow multiple easy handles to reuse the CA cache and save themselves from a
+ lot of extra processing overhead.
+
+13.17 Add CA caching to more TLS backends
+
+ The ability to cache the CA store between invokes can improve transfer
+ performance signficantly. In curl 8.9.0, only OpenSSL, Schannel and wolfSSL
+ support this.
+
 14. GnuTLS
 
 14.2 check connection