Should we settle on one SSL implementation?
Andrew Bartlett
abartlet at samba.org
Mon Oct 22 12:48:24 UTC 2007
On Mon, 2007-10-22 at 08:17 -0400, Bernardo Innocenti wrote:
> I remember this topic being discussed some time ago,
> but software is fluid and maybe it's time to respin
> the topic.
>
> It would seem a worthwhile goal to unify SSL/TLS
> implementations like we did for spell checkers.
> Or, if it turns out to be too hard, at least it would
> be nice to their pki files.
>
> We're now shipping no less than 4 different implementations
> of SSL:
>
> - openssl (OpenBSD's implementation)
> - nss (Netscape's implementation)
> - gnutls (LGPL implementation)
> - puretls (Java implementation)
>
> But which one should replace the others?
>
> It is not clear to me. Judging from dependencies, OpenSSL,
> NSS and gnutls all seem equally popular in Fedora.
Is there a graph of that around? It could be really interesting when
looking at what packages to convert/mimic. (The nss_compat_ossl package
is in the mimic game, as is a package to make gnutls look like
openssl).
I'm hoping for a nss_compat_gnutls package some day...
Andrew Bartlett
--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Red Hat Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/fedora-devel-list/attachments/20071022/122cdd64/attachment.sig>
More information about the fedora-devel-list
mailing list