Hi On 4 February 2011 17:35, Rich Megginson <rich.meggin...@gmail.com> wrote: > On 02/03/2011 11:59 PM, Michael Wood wrote: >> >> On 4 February 2011 08:32, James Andrewartha<jam...@daa.com.au> wrote: [...] >>> Debian uses GnuTLS because OpenSSL has the non-GPL compatible >>> advertising clause, and libldap is linked into many GPL applications. So >> >> Ah, good point. >> >>> the solutions are fix the OpenSSL licensing or make GnuTLS not suck; I >> >> Or switch to something else. > > OpenLDAP 2.4.23 supports Mozilla NSS (triple licensed GPLv2+/LGPLv2+/MPL) > for crypto > Fedora 14 and later use this instead of OpenSSL
Interesting. But co-incidentally, there's a thread currently on the libcurl mailing list about comparisons between different SSL/TLS libs that are supported by libcurl. Howard Chu posted about GnuTLS and later about NSS. In the NSS message he said: "I understand that RedHat is now building their OpenLDAP packages with our MozNSS support. I don't believe this combination is ready for primetime by any measure. They still don't even have release quality code for handling PEM files, and their current experimental code crashes/misbehaves in common (for OpenSSL) deployment scenarios. https://bugzilla.mozilla.org/show_bug.cgi?id=402712 https://bugzilla.redhat.com/show_bug.cgi?id=642433" Here's the link to the message in libcurl's mailing list archive: http://curl.haxx.se/mail/lib-2011-02/0043.html -- Michael Wood <esiot...@gmail.com> ------------------------------------------------------------------------------ The modern datacenter depends on network connectivity to access resources and provide services. The best practices for maximizing a physical server's connectivity to a physical network are well understood - see how these rules translate into the virtual world? http://p.sf.net/sfu/oracle-sfdevnlfb _______________________________________________ Python-LDAP-dev mailing list Python-LDAP-dev@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/python-ldap-dev