tls: remove mentions of NSS and gskit

They are dropped from curl in 8.3.0 so no need to have them around
everywhere.

build/autotools.md

@@ -75,12 +75,12 @@ command line options. Before curl 7.77.0, the configure script would
 automatically check for OpenSSL, but modern versions do not.
 
  - AmiSSL: `--with-amissl`
+ - AWS-LC: `--with-openssl`
  - BearSSL: `--with-bearssl`
  - BoringSSL: `--with-openssl`
  - GnuTLS: `--with-gnutls`
  - LibreSSL: `--with-openssl`
  - mbedTLS: `--with-mbedtls`
- - NSS: `--with-nss`
  - OpenSSL: `--with-openssl`
  - Rustls: `--with-rustls` (point to the rustls-ffi install path)
  - Schannel: `--with-schannel`

build/tls.md

@@ -7,13 +7,12 @@ does not implement the TLS protocol itself.
 curl is written to work with a large number of TLS libraries:
 
  - AmiSSL
+ - AWS-LC
  - BearSSL
  - BoringSSL
  - GnuTLS
- - GSKit (OS/400 specific)
  - libressl
  - mbedTLS
- - NSS
  - OpenSSL
  - rustls
  - Schannel (native Windows)
@@ -55,15 +54,6 @@ gnutls:
 
     ./configure --with-gnutls=/home/user/installed/gnutls
 
-### NSS
-
-    ./configure --with-nss
-
-configure will detect NSS in its default path by default. You can optionally
-point configure to a custom install path prefix where it can find NSS:
-
-    ./configure --with-nss=/home/user/installed/nss
-
 ### WolfSSL
 
     ./configure --with-wolfssl

index-words

@@ -304,7 +304,6 @@ name resolving
 nghttp2
 nix
 NPN
-NSS
 openldap
 OpenSSL
 PAC

internals/tests/file-format.md

@@ -431,7 +431,6 @@ Features testable here are:
 - `manual`
 - `Mime`
 - `netrc`
-- `NSS`
 - `NTLM`
 - `OpenSSL`
 - `parsedate`

libcurl/proxies.md

@@ -44,9 +44,7 @@ the scheme part of the proxy host name string (`CURLOPT_PROXY`) to match it:
 `http` - means HTTP, which always lets the proxy resolve names
 
 `https` - means HTTPS **to the proxy**, which always lets the proxy resolve
-names (Note that HTTPS proxy support was added recently, in curl 7.52.0, and
-it still only works with a subset of the TLS libraries: OpenSSL, GnuTLS and
-NSS.)
+names.
 
 You can also opt to set the type of the proxy with a separate option if you
 prefer to only set the host name, using `CURLOPT_PROXYTYPE`. Similarly, you

source/layout.md

@@ -57,10 +57,8 @@ users.
 - BearSSL
 - BoringSSL: an OpenSSL fork maintained by Google. (uses `openssl.c`)
 - GnuTLS
-- GSKit: the native TLS library on OS/400.
 - LibreSSL: an OpenSSL fork maintained by the OpenBSD team. (uses `openssl.c`)
 - mbedTLS
-- NSS: TLS library most known for being used by the Firefox web browser.
 - OpenSSL
 - rustls: a TLS library written in rust
 - Schannel: the native TLS library on Windows.

usingcurl/tls/sslkeylogfile.md

@@ -23,6 +23,8 @@ Support for `SSLKEYLOGFILE` is provided by libcurl itself - making it possible f
 
 ## Restrictions
 
-The support for `SSLKEYLOGFILE` requires that curl was built with a TLS backend that supports this feature. The backends that support SSLKEYLOGFILE are: OpenSSL, libressl, BoringSSL, GnuTLS, NSS and wolfSSL.
+The support for `SSLKEYLOGFILE` requires that curl was built with a TLS
+backend that supports this feature. The backends that support SSLKEYLOGFILE
+are: OpenSSL, libressl, BoringSSL, GnuTLS and wolfSSL.
 
 If curl was built to use another backend, you cannot record your curl TLS traffic this way.

usingcurl/tls/stapling.md

@@ -13,4 +13,4 @@ Ask for the handshake to use the status request like this:
 
     curl --cert-status https://example.com/
 
-This feature is only supported by the OpenSSL, GnuTLS and NSS backends.
+This feature is only supported by the OpenSSL and GnuTLS backends.