[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: GnuTLS considered harmful

Gavin Henry wrote:
<quote who="Howard Chu">
I strongly recommend that GnuTLS not be used. All of its APIs would need
to be
overhauled to correct its flaws and it's clear that the developers there
too naive and inexperienced to even understand that it's broken.

So that means OpenLDAP on Debian is still not recommended if you don't compile your own OpenSSL and OpenLDAP.

Since they're committed to using GnuTLS, yes. Unfortunately for the Debian community, just because software is released under the GPL doesn't say anything about its quality.
-- Howard Chu
Chief Architect, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/