Simon Josefsson wrote: > Having more feedback on what kind of features XMPP wants from TLS > libraries will help TLS implementers (at least it will help me), and > making the requirements explicit may help the decision on what is the > best choice for XMPP too.
For OpenSSL and GnuTLS it is more about features of the bindings. Both libs have SRP and Finished message support for channel-bindings. But the Python bindings (that is what I care about) only support X.509. Well, it is even worse: OpenSSL's Python bindings are old and not updated anymore, GnuTLS does not have real bindings (only some strange ctypes based code flying around without real project homepage). I don't know about Ruby, C#, or any other language. GnuTLS only seems to have suitable Guile bindings -- but seriously, who uses these? If you are part of the GnuTLS team, maybe you can start a campain for good language bindings. The lack of bindings is why many people prefer OpenSSL. Add at least good support for Python and Ruby. Many XMPP client libs are written in scripting languages. Dirk -- ACK and you shall receive.
