On the contrary I'd prefer if it doesn't. Nettle is an open project
under LGPL that anyone can contribute and can be reused by a variety
of software; polarssl is closed commercial project under a commercial
license with a GPLv2 exception.
Oh well, I sometimes have the feeling if its open-source + backed by a
company there is more interest in avoiding another case of heartbleed or
similar but I guess we will see about that. Companies are not
necessarily evil. Plus nobody said anything about dropping nettle
support. Maybe just a little abstraction layer for the crypto stuff
would be useful so that other libraries can be used. Heck maybe even add
openssl support. That is 10x bigger but still 100x more reusable in
terms of other daemons but not necessarily a candidate for default
builds either.
Also I would probably let all the DNSSEC deployment and the dnsmasq
implementation mature a bit more before considering to enable it by default
for everyone. But thats just my personal opinion.
Well, it will never mature if it is not distributed :)
Well, you are not the one getting all the bugreports about mysterious
DNS disfunction with certain zones then :P
Anyway personally I would like to at least have prepackaged dnssec
support ready for installation so people don't have to compile
themselves thats one step closer to general adoption than just having a
buildoption somewhere deep down in menuconfig. Once Andre sends his next
batch of patches we can think about merging it, but that would mean I
would have to move nettle to the core repo and adopt it myself since we
don't want to have dependencies from core to any of the feeds.
Cheers,
Steven
_______________________________________________
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
