Le 10 juin 2013 07:06, Florian Weimer f...@deneb.enyo.de a écrit :
* Bastien ROUCARIES:
Maybe crypto consolidation arround libnss will greatly help here.
jessie release goal ?
NSS has lots of global state, and its proper initialization from
another library is difficult.
Could you give
* Bastien ROUCARIES:
Maybe crypto consolidation arround libnss will greatly help here.
jessie release goal ?
NSS has lots of global state, and its proper initialization from
another library is difficult. Switching over to it is probably
doable, but it's not really straightforward. On the
Brian May br...@microcomaustralia.com.au writes:
On 31 May 2013 20:19, Bastien ROUCARIES roucaries.bast...@gmail.com wrote:
Gnutls is really crappy about suid
see http://lists.debian.org/debian-devel/2010/03/msg00298.html
2+ years later or 2 Debian releases later, I would have hoped these
On Fri, May 31, 2013 at 4:42 AM, brian m. carlson
sand...@crustytoothpaste.net wrote:
On Thu, May 30, 2013 at 04:04:47PM +0200, Bastien ROUCARIES wrote:
Cons:
- not all crypto libraries are equivalent; choosing one will exclude
some functionality provided by others
SEE compat layer
-
On 31 May 2013 20:19, Bastien ROUCARIES roucaries.bast...@gmail.com wrote:
Gnutls is really crappy about suid
see http://lists.debian.org/debian-devel/2010/03/msg00298.html
2+ years later or 2 Debian releases later, I would have hoped these issues
would be, somehow, magically, fixed by now
On Fri, May 31, 2013 at 12:19:27PM +0200, Bastien ROUCARIES wrote:
On Fri, May 31, 2013 at 4:42 AM, brian m. carlson
sand...@crustytoothpaste.net wrote:
NSS does not support TLS 1.2. Since RC4 is not used securely in TLS,
and the only other choice in TLS 1.1 and earlier is block ciphers
On 30-05-13 13:16, Bastien ROUCARIES wrote:
Using only one lib for crypto (libnss) will allow to use only one
trust certificate format
'Allow only one' doesn't immediately strike me as beneficial, but I see
what you mean. The discussion is similar to others (such as about which
init system to
Le 30 mai 2013 14:08, Dennis van Dok denni...@nikhef.nl a écrit :
On 30-05-13 13:16, Bastien ROUCARIES wrote:
Using only one lib for crypto (libnss) will allow to use only one
trust certificate format
'Allow only one' doesn't immediately strike me as beneficial, but I see
what you mean.
On Thu, May 30, 2013 at 04:04:47PM +0200, Bastien ROUCARIES wrote:
Cons:
- not all crypto libraries are equivalent; choosing one will exclude
some functionality provided by others
SEE compat layer
- we somehow have to deal with legacy systems that can't convert
- adoption of new
9 matches
Mail list logo