Re: [Swan-dev] [cryptography] Announcing Mozilla::PKIX, a New Certificate Verification Library (fwd)
On Mon, Apr 07, 2014 at 07:22:51PM -0400, Paul Wouters wrote: wonder if we can use this instead of the legacy x509 code I would prefer avoiding having to maintain yet another crypto library. Needing openssl and gnutls26 is enough thank you. Routers have no need to run firefox and hence have no need to have libnss installed, so can we try to keep it that way? -- Len Sorensen ___ Swan-dev mailing list Swan-dev@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-dev
Re: [Swan-dev] [cryptography] Announcing Mozilla::PKIX, a New Certificate Verification Library (fwd)
On Thu, Apr 10, 2014 at 10:40:40AM -0400, Lennart Sorensen wrote: On Mon, Apr 07, 2014 at 07:22:51PM -0400, Paul Wouters wrote: wonder if we can use this instead of the legacy x509 code I would prefer avoiding having to maintain yet another crypto library. Needing openssl and gnutls26 is enough thank you. Routers have no need to run firefox and hence have no need to have libnss installed, so can we try to keep it that way? Libreswan already depends on NSS for crypto, not openssl. Matt ___ Swan-dev mailing list Swan-dev@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-dev