-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 02/04/12 11:55, Fabian Knittel wrote:
The only advantage I see at runtime switching, is that it's easier for distributors to support both SSL/crypto library platforms. Except of that, I don't see much benefits of it. And f.ex. in the use case of OpenVPN-NL, I doubt this will be considered interesting at all, as they do static linking against the SSL/crypt libraries - to ensure that the libraries Fox-IT have reviewed and certified for governmental usage are used, and not a potentially compromised or weakened third-party library. To be very honest, I don't think it's worth the effort of adding dynamic loading of SSL/crypto libraries at run time. Having it at compile-time provides the needed flexibility. Yes, distribution can benefit from it, but is that burden so big we need to modify OpenVPN for it? Let's rather stay cool now and rather discuss and consider such a move for OpenVPN 2.4. Then we will know more what distributors thing about it. kind regards, David Sommerseth -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk95el4ACgkQDC186MBRfrq+FQCghLkCxKyMxiERcbYeChKmtmKu WyIAn3t51ek+uM68tEPij5dO89GpRWHO =HQCn -----END PGP SIGNATURE-----
