On 6/6/05, Gervase Markham <[EMAIL PROTECTED]> wrote: > The implementation of SSL in the Netscape NSS libraries is available > under the GPL, and I believe certain versions of it have FIPS validation. > http://www.mozilla.org/projects/security/pki/nss/fips/
I'm delighted to hear that. It does not seem that the same is true of YaSSL, and it perplexes me that MySQL has chosen it. Do you know whether the NSS implementation is being certified at source code level (a very unusual arrangement) using the sort of maneuvers mentioned in the Linux Journal article on DMLSS? Cheers, - Michael P. S. If you think that an FSF vendetta against OpenSSL would be an anomaly, or that RMS is purist about copyright law when it comes to his own conduct, you might be interested in Theo de Raadt's comments at http://www.monkey.org/openbsd/archive/tech/0002/msg00171.html . I don't necessarily agree with his opinions on the ethics of the GPL, but if he speaks from personal knowledge on RMS's handling of code owned by Symbolics, I'm rather disappointed in RMS.
