On 10/22/2012 08:08 PM, Sam Varshavchik wrote: > I'm pretty sure that if both GnuTLS and OpenSSL get installed, OpenSSL > gets selected. Only if GnuTLS is the only one present, does GnuTLS get > the nod.
I've been building courier in mock for years, so I hadn't realized that. It looks like gnutls is specified as the BuildRequires when openssl is present (even if gnutls is also not present), so is the default in the mock environment. > I have been meaning to make GnuTLS the default for some time. I prefer > GnuTLS's API over OpenSSL's. It's much more sane. It does tend to > develop backwards compatibility issues occasionally, but it's just so > much better than OpenSSL, from a developer's standpoint, that the pain > is definitely worth it. I'd rather avoid having to do a third API. I'm largely with you. OpenSSL's license isn't GPL compatible, so it's go that going against it. I'm all for better APIs, but moving targets are a pain for developers and users alike. NSS is more mature than GnuTLS, and has FIPS 140 validation, which GnuTLS does not. Actually, I just noticed that Fedora (and by extension Red Hat) has the stated intention of consolidating on NSS for SSL: http://fedoraproject.org/wiki/FedoraCryptoConsolidation ... if that matters. ------------------------------------------------------------------------------ Everyone hates slow websites. So do we. Make your web apps faster with AppDynamics Download AppDynamics Lite for free today: http://p.sf.net/sfu/appdyn_sfd2d_oct _______________________________________________ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
