Am 02.04.2011 12:37, schrieb Jeroen Dekkers: > At Sat, 02 Apr 2011 08:38:46 +0200, > Christian Roessner wrote: >> >>>> I know, I will get flamed right now, but please do not use gnutls. >>>> Google for i.e. OpenLDAP and gnutls and follow the comments from Howard >>>> Chu, then you understand me. Or at least dear SOGo devs: please do not >>>> drop packges for Ubuntu/Debian on inverse, so people can use the openssl >>>> variant. >>> >>> There is no need to flame people who raise valid concerns. I was >>> actually thinking about using NSS instead of GnuTLS, but I don't have >>> a very strong opinion about it. I did have some problems with GnuTLS a >>> few years ago, but those problems might have been solved and I don't >>> have experience with NSS to compare with. Do you (of anyone else on >>> this list) know of any potential problem with using NSS? >> >> Sorry, I don't know about NSS (only name service switch ;-) ) > > NSS was orginally created by Netscape and now maintained by > Mozilla. It is used by all Mozilla products, but also for example by > OpenOffice.org and Chrome. See > http://www.mozilla.org/projects/security/pki/nss/ for more > information.
What I just saw there on the FAQ: How does NSS compare to OpenSSL? OpenSSL is an open source project that implements server-side SSL, TLS, and a general-purpose cryptography library. It does not support PKCS #11. It is based on the SSLeay library developed by Eric A. Young and Tim J. Hudson. OpenSSL is widely used in Apache servers and is licensed under an Apache-style licence. NSS supports both server and client applications as well as PKCS #11 and S/MIME. To permit its use in as many contexts as possible, NSS is triple-licensed under the Mozilla Public License, the GNU General Public License, and the GNU Lesser General Public License. You may choose to use the code either under the terms of the MPL or the GPL or the LGPL. So, if projects can not be linked against OpenSSL, wouldn't be NSS the better choice than gnutls (also for other packages)? Thanks in advance Christian -- Roessner-Network-Solutions Bachelor of Science Informatik Nahrungsberg 81, 35390 Gießen F: +49 641 5879091, M: +49 176 93118939 USt-IdNr.: DE225643613 http://www.roessner-network-solutions.com
signature.asc
Description: OpenPGP digital signature
