Hi, 2012/1/1 Andreas Aardal Hanssen <[email protected]>: > [*] http://www.gnu.org/software/gnutls/ - dropped because it clearly staged > it was in early Alpha stage at the time, which I find to be really scary for > a security framework, and currently I don't think the licensing looks very > interesting. If OpenSSL does the job then why use GnuTLS?
For what it's worth, I used to work on an application supporting both GnuTLS and OpenSSL. Our usage of OpenSSL ended up running into a few obscure, very hard-to-track bugs thanks to really obtuse API. GnuTLS had no such issues, and as such, was our recommended solution - and I'm hard pressed to think of many cases of bugs that we ever heard of that were caused by it. With regards to the question of library independence, I'd still argue that it's generally a good idea to be able to easily swap SSL implementations, and to avoid exposing library-specific details to clients. It's not something I feel too strongly about, though, as I certainly don't have any intention to write a GnuTLS backend anytime soon, even if it is something I'd enjoy seeing as a proof-of-concept. With regards to licensing, GnuTLS's LGPL license is certainly a lot more straightforward than the OpenSSL situation, but again, I don't feel strongly about this personally. $0.02, Robin _______________________________________________ Development mailing list [email protected] http://lists.qt-project.org/mailman/listinfo/development
