Re: GnuTLS considered harmful

On Sat, 2008-02-16 at 14:44 -0800, Russ Allbery wrote:
> Howard Chu <hyc@symas.com> writes:
> > Since they're committed to using GnuTLS, yes. Unfortunately for the
> > Debian community, just because software is released under the GPL
> > doesn't say anything about its quality.

> There are enough other reasons to use already-packaged software and enough
> reasons to use Debian in preference to other distributions (for what we're
> doing at Stanford; I'm not interested in discussing that position with
> anyone on this list) that it was worth helping fund the development of the
> GnuTLS support.  That support basically works, recommended or not, which
> is a better place than we were in before.  I can only hope that it will
> get better in the future, or that some miracle will happen with either
> OpenSSL licensing or Debian's legal interpretation of copyright, none of
> which I have any real control over.

What would it take to create a third way here with Mozilla's NSS?

For my sanity in Samba4, I keep bugging those involved with NSS and
nss_compat_ossl to create a gnutls-like API to NSS.  Some aspects of the
API I like, while other aspects of the GnuTLS implementation drive me
nuts - such as draining and blocking on /dev/random... 

Andrew Bartlett
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Red Hat Inc.

