On Mon, 2008-03-31 at 21:10 +0200, Rainer Gerhards wrote: > Hi sv, > > > the library that a lot of folks inside red hat and fedora are driving > > people to is the mozilla nss library. It handles all the bits openssl > > does and w/o the licensing problems. > > Sounds promising. I just found > > http://www.gnu.org/software/gnutls/comparison.html > > > And that makes GNU TLS quite appealing (no wonder given the source ;)). > Do you happen to have a link which tells why use nss? That would be > excellent (but I am of course searching myself). >
nss is fips certified: http://www.mozilla.org/projects/security/pki/nss/fips/ which makes it easier to use in large gov't agencies. gnutls is not certified. nss is also where the fedora/red hat crypto consolidation is going.... there is also an api-helper library for transitioning from openssl to nss. if at all possible, go with nss. -sv _______________________________________________ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog
