On 2012-11-12 2:31 PM, Ed W <li...@wildgooses.com> wrote:
Openssl is a *massive* project and I'm unsure that gnutls is much
smaller... We should assume that both are quite scary from a
"security" point of view. Licensing is the main thing which divides
them, gnutls is stated as GPL compatible (however, the nominal
incompatibility of openssl seems difficult to understand?)
OpenVPN integrated with PolarSSL and got Dutch government official
approval for the combined package. I think elsewhere it's stated that
openssl would not have been approved because something like the
codebase was too large to inspect and sign off
http://polarssl.org/news?item=0132
I haven't worked with PolarSSL, so no idea, but it's massively smaller
codebase is likely attractive if you are the kind of person who
actually *does* security audits on the software you run in secure
situations.
Openssl is just a complete swiss army knife of tools!
Very interesting... I'd certainly be interested in switching to it, as
long as the most common tools are supported
Is it considered a drop in replacement for OpenSSL?
--
Best regards,
Charles
