On Fri, Nov 14, 2008 at 11:50 AM, Alvaro Lopez Ortega <[EMAIL PROTECTED]> wrote: > Hi there guys! > > Cherokee currently support the two most spread TLS/SSL libraries: > OpenSSL and GNUTLS. > > There isn't a clean reason for supporting both of them, actually. At > the beginning it was kind of interesting to support the two different > libraries, but nowadays I think it's much more important for the > project to be maintainable than feature redundant. > > That's the reason I'm sending this mail. I've been thinking lately > about dropping the GNUTLS support from Cherokee, and I'd to know what > you guys think of that. Would it impact you? > > At the end of the day OpenSSL (libssl) is a de-facto standard > nowadays, so even though we would lose some bizarre functionality > (such as be able to use OpenPGP certificates instead of X509 certs), I > think it would be a change for the best. > > So, what do you think? Speak now or forever hold your peace ;)
I know this would mean a lot of work and understand there's a 1 in a million chance of it succeeding, but for the sake of my pride I want to mention it: NSS - http://developer.mozilla.org/en/docs/NSS That's right, not the tried and true openssl, not the freedom loving upstart gnutls, but instead: NSS from Mozilla. I am not a C developer. I'm just a python web dev with a little sysadmin on the side. But I ran across this Fedora proposal and would love to see it succeed: http://fedoraproject.org/wiki/FedoraCryptoConsolidation I'm a Debian user, but I tried to get interest in this proposal in Ubuntu as well (with little success): http://brainstorm.ubuntu.com/idea/14632/ I am completely unable to articulate any technical reasons why Cherokee should join this consolidation effort. However, as a user and part-time-sysadmin, it would be a dream come true to have such a consolidated security stack *available* (even if its not required or even default). There are so many problems with my recommendation, you don't even need to respond. ;-) I just wanted to speak up and let a project know that there are people out there who would love for *nixes to have a more unified certificate system. Thanks, Michael Schurter _______________________________________________ Cherokee mailing list [email protected] http://lists.octality.com/listinfo/cherokee
