On 28/02/2013 14:17, Timo Sirainen wrote:
On 27.2.2013, at 23.15, Charles Marcus <[email protected]> wrote:
Just curious if you ever thought about supporting other than just OpenSSL?
PolarSSL looks really interesting, has no major dependencies and is very
lightweight compared to OpenSSL, GNUTLS or others...
https://polarssl.org/
I guess it could be a lot of work, or not, anyway, I'm just curious…
I initially tried to support both OpenSSL and GNUTLS, and it was a lot of work.
I'm not really looking forward to that again :) But I guess after v2.3 the
Dovecot's lib-ssl-iostream API might become stable enough that other backends
could be implemented just once without having to keep changing them..
I believe the high profile user of polarssl is the Dutch government who
have approved OpenVPN + PolarSSL for use. (The point being that openssl
is just too huge to audit for security)
Ed W
