Am 02.12.2010 10:46, schrieb Farkas Levente: > On 12/02/2010 10:05 AM, Adriaan de Jong wrote: >> Hi List, >> >> We've been working on OpenVPN in preparation for a security evaluation. This >> entailed documenting OpenVPN at a relatively high level, removing the >> dependencies on OpenSSL, and adding support for a simpler, easier to >> evaluate library (PolarSSL). >> >> This was done in a series of patches: >> - Patch 1: Adds documentation to OpenVPN through Doxygen. >> - Patch 2: Splits out OpenSSL-specific code, defining a clean "backend" >> interface for both the crypto and SSL modules. Splits the SSL module into >> channel setup and verification sub-modules. >> - Patch 3: Adds a backend for PolarSSL. >> >> We'd love to release these patches to the community. Unfortunately, the >> patches are now based on 2.1.4, and need to be rebased to a newer version. >> Before we spend time on updating the patches to the current revision of >> OpenVPN, we'd like to know whether there is an interest in these patches >> from the community. > > most distro switch from openssl to nss. is there any reason you switch > to polarssl in stead of nss? >
What do you base the "most distro" assessment on? Are you aware of any website discussing the advantages of the "big" SSL providers (OpenSSL, Mozilla NSS, GnuTLS, PolarSSL, CyaSSL, ...)? -- Matthias Andree
