GnuTLS (was: Re: KSSL based S/MIME plugin available)
George Staikos
staikos at kde.org
Sun May 18 17:58:23 BST 2003
On Sunday 18 May 2003 09:36, Marc Mutz wrote:
> <snip>
>
> This thread prompted me to check gnutls' status again.
>
> They've finally made it LGPL and beta instead of GPL and alpha. It seems
> to appraoch v1.0.0 rapidly now (check the ChangeLog). It even supports
> OpenPGP certificates for TLS (though that part of the library is GPL).
>
> The only issue I can see is that they seem to have no support for SSLv2
> (and that they need testing, which a gnutls-using konq would surely
> provide en masse).
>
> So, maybe it's finally time to get rid of OpenSSL and it's problems?
> IIRC, even George was swearing about the OpenSSL's BIC and licensing
> issues.
It's incomplete, and I wonder if it implements all the bugfixes for SSL bugs
the way OpenSSL does. This needs investigation (it took a long time to make
konqueror compatible with all the HTTPS servers out there, and I don't want
to go back to a broken state again).
SSLv2 is a huge problem though. Without it, the library is useless for our
purposes.
Other issues:
- Portability - is it as portable as OpenSSL (which even works on VMS and
Win32)? (Is it portable to all platforms that KDE works on?)
- Hardware layer - OpenSSL provides hardware support now. Is it worth losing
support for this?
- Are they committing to SC and BC, or will it be the same story all over?
Finally, who is willing to write this? Not me...
--
George Staikos
KDE Developer http://www.kde.org/
Staikos Computing Services Inc. http://www.staikos.net/
More information about the kde-core-devel
mailing list