On Monday, February 21, 2022 9:56:08 AM CET Daniel Stenberg via curl-library wrote: > On Fri, 18 Feb 2022, Michael Stahl via curl-library wrote: > > NSS is much preferred over OpenSSL because it has an ABI; you can ship it > > as shared libraries and it's going to work - we are currently shipping > > NSS but it should also work to use it from the system, i attempted to do > > that some time ago but on the RHEL7 baseline it caused some unit test > > failures so i had to abandon that for now. > > Sorry, but to me that sounds primarily an argument against (some versions > of) OpenSSL, not a very strong argument in favor of NSS. I would personally > rather push for using another feature-rich alternative, like GnuTLS or > wolfSSL. Libraries that have better future prospects than NSS.
The argument here is that the software you built against NSS 10 years ago works against the system-provided libraries on modern Linux distributions, without any rebuild. This has never been the case for OpenSSL. I am not sure about the other two libraries you mention. Kamil -- Unsubscribe: https://lists.haxx.se/listinfo/curl-library Etiquette: https://curl.haxx.se/mail/etiquette.html
