On 01/01/2012 04:51 PM, ext Andreas Aardal Hanssen wrote: > (...) > The other options I imagined were GnuTLS [*], and using native SSL support > should that exist. > > Today the backend separation is still around but it only complicates the > code unless there truly are other backends to support.
I don't know GnuTLS at all, but I would say if there was another backend we might want to support then it is NSS, as it is used by Mozilla and Google Chrome on Linux, so I assume it to be stable and well tested, + they seem to care a lot about blacklisting certificates etc. But anyway, this is more a theoretical thought these days, I don't see another backend being implemented anytime soon... but I am still in favour of keeping the distinction between what is common SSL logic and what is OpenSSL specific. Btw. nice Wiki page, Rich :) Peter > > What are your thoughts on this? > > Andreas > > [*] http://www.gnu.org/software/gnutls/ - dropped because it clearly staged > it was in early Alpha stage at the time, which I find to be really scary > for a security framework, and currently I don't think the licensing looks > very interesting. If OpenSSL does the job then why use GnuTLS? > > > > > _______________________________________________ > Development mailing list > [email protected] > http://lists.qt-project.org/mailman/listinfo/development _______________________________________________ Development mailing list [email protected] http://lists.qt-project.org/mailman/listinfo/development
