On Thu, Sep 29, 2005 at 03:19:18PM -0700, Steve Langasek wrote: > On Thu, Sep 29, 2005 at 03:27:30PM +0200, Richard Atterer wrote: > > On Thu, Sep 29, 2005 at 02:37:35PM +0200, Marco d'Itri wrote: > > > Why is openssl the default? > > > I think everybody agrees that in the long period everybody will want to > > > use gnutls, > > > No, as has been shown by the discussions in the last weeks, there is *no* > > agreement on which SSL library should be the default. > > There isn't? I saw some arguments that explain why it's not possible to > convert all curl-using applications from OpenSSL to GNUTLS without a > recompile due to unavailable ABI changes, but I thought it was pretty clear > that the default going forward should be the one whose license is maximally > compatible with that of applications using libcurl (i.e., GNUTLS).
Yes - I should clarify what I said: _In_the_long_run_ the agreed goal was to move to GnuTLS. However, above Marco asked why the _current_ default isn't GnuTLS. I'm not so sure whether it should be: Upstream's choice will remain OpenSSL for the foreseeable future, GnuTLS is allegedly still slightly more buggy than OpenSSL (does anyone have any details?) and is lacking some features. Cheers, Richard -- __ _ |_) /| Richard Atterer | GnuPG key: | \/¯| http://atterer.net | 0x888354F7 ¯ '` ¯ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]