More Related Content


Recently uploaded(20)


curl roadmap 2020

  1. Roadmap 2020
  2. Daniel Stenberg Swedish, living in Sweden Lead developer and architect of curl Employed by and works for wolfSSL Started the curl project in March 1998 @bagder@bagder
  3. Roadmapping in a volunteer worldRoadmapping in a volunteer world Release cycleRelease cycle How things are mergedHow things are merged On the roadmapOn the roadmap Brain-storm stuffBrain-storm stuff Q&AQ&A @bagder@bagder
  4. @bagder@bagder
  5. Daniel’s Roadmap Ideas Daniel and wolfSSL plan to work on in 2020 Curl is open source and everyone is welcome to bring features and work that we haven’t planned or anticipated We only merge code into curl that is “curl worthy” There’s no guarantee that this actually will happen @bagder@bagder
  6. Daniel’s Roadmap guide Remain “Swiss army knife of Internet Protocols” Power the world of Internet enabled devices and tools Aid protocol developers and tinkerers Support bleeding edge protocol versions and features Security and privacy are prioritized areas @bagder@bagder
  7. wolfSSL curl Attempt to “listen in” what users want wolfSSL is the best and only commercial curl support option wolfSSL employs Daniel @bagder@bagder
  8. The curl release cycle explained Release on Wednesday, every 8 weeks (unless circumstances make us change) The first 4 weeks we allow merging new features (changes) The subsequent 4 weeks we only merge bug-fixes Repeat, forever @bagder@bagder
  9. How we merge changes ✔ Submit pull-request on (yes, Daniel as well) ✔ Get feedback ✔ Adjust to feedback ✔ Make sure the CI builds are green ✔ Merge into master ✔ Ship in next release @bagder@bagder
  10. RoadmapRoadmap @bagder@bagder
  11. On the mapOn the map HTTP/3 HSTS ESNI Thread-safe curl_global_init Thread-safe connection- sharing @bagder@bagder Tinier tiny-curl MQTT DNS-over-TLS Hardcoded localhost *
  12. HTTP/3HTTP/3 Protocol is being defined Initial support has landed Built on quiche or ngtcp2/nghttp3 Further work remain (including alt-svc) @bagder@bagder
  13. HSTSHSTS Preload a set Parse incoming headers Cache dynamically “Internal redirects” from HTTP to HTTPS Not so much to load the full browser preload set @bagder@bagder
  14. ESNI (Encrypted Server Name Indication)ESNI (Encrypted Server Name Indication) Removes the last clear text part in TLS The spec is still in draft Cloudflare deploys an old draft @bagder@bagder
  15. Thread-safe curl_global_initThread-safe curl_global_init Current limits cause grief Limitation mostly historic Cleanup our own backyard first Then thread-safe if using “proper” dependencies @bagder@bagder
  16. Thread-safe connection-sharingThread-safe connection-sharing Sharing the connection “cache” among threads allows applications to scale and perform better libcurl already offers this feature, but it is buggy and not done right Solving this proper will take some rearranging. It isn’t clear yet exactly how or what. @bagder@bagder
  17. Tinier tiny-curlTinier tiny-curl Tiny-curl is for HTTPS GET < 100 Kb Trim off more by compartmentalizing data better + ports to more tiny RTOSes @bagder@bagder
  18. MQTTMQTT MQTT is not a perfect fit, but commonly used Voted popular feature in recent poll Base on wolfMQTT @bagder@bagder
  19. DNS-over-TLS (DoT)DNS-over-TLS (DoT) Offers another way to secure name resolves Used similarly to DoH (DNS-over-HTTPS) Can share some of the code written for DoH @bagder@bagder
  20. Hardcode localhostHardcode localhost Provide “internal resolve” for localhost Removes risk for accidental DNS resolve Faster Done by some OSes already @bagder@bagder
  21. Customize roadmapCustomize roadmap What features do you need? What Internet protocol changes and demands do you see coming in 2020? Which of these roadmap entries should be prioritized? (And which should not) @bagder@bagder
  22. No command line tool changes? Nothing planned Things will turn up and get done anyway Suggestions? @bagder@bagder
  23. Brain-storm territory @bagder@bagder
  24. Websockets? Top request in user surveys Doesn’t fit the model very well Many users still “kick off” websockets with curl @bagder@bagder
  25. Multi-thread libcurl? Aid high performance transfers API to help multicore use @bagder@bagder
  26. C++ binding?C++ binding? “Blessed” and provided by the curl project Tighter integration between libcurl and C++ Keep up with libcurl The binding that never was But do we need it? @bagder@bagder
  27. 27 RoadmapRoadmap @bagder@bagder
  28. Learn more about curl! @bagder@bagder