[Gluster-devel] Switching from OpenSSL to PolarSSL

2014-05-27 Thread Jeff Darcy
One of my tasks for 3.6 is to update/improve the SSL code. Long ago, I had decided that part of the next major update to SSL should include switching from OpenSSL to PolarSSL. Why? Two reasons. (1) The OpenSSL API is awful, and poorly documented to boot. We have to go through some rather

Re: [Gluster-devel] Switching from OpenSSL to PolarSSL

2014-05-27 Thread John Mark Walker
I think the main question regards CentOS support, with further questions about Debian/Ubuntu support. If we have to ship PolarSSL packages with our releases to support major distros, is that too much of a burden?

-JM

- Original Message -
> One of my tasks for 3.6 is to update/improve

Re: [Gluster-devel] Switching from OpenSSL to PolarSSL

2014-05-27 Thread Jeff Darcy
> I think the main question regards CentOS support, with further questions about Debian/Ubuntu support.

I believe CentOS would leverage the EPEL support. PolarSSL is already packaged for Debian (Wheezy) and Ubuntu (Trusty) so we should be set.

> If we have to ship PolarSSL packages with our

Re: [Gluster-devel] Switching from OpenSSL to PolarSSL

2014-05-27 Thread Kaleb KEITHLEY
On 05/27/2014 09:43 AM, Jeff Darcy wrote:
> So, before I expend a ton of effort replacing this code, does anyone else think it shouldn't be done and that the enhancements should be made to the current OpenSSL code instead?

The most compelling arguments — to me — are the speed with which things

Re: [Gluster-devel] Switching from OpenSSL to PolarSSL

2014-05-27 Thread Kaleb KEITHLEY
On 05/27/2014 11:00 AM, Kaleb KEITHLEY wrote:
> In any event, it's license didn't pollute our code. Do we need to have our attorney bless the change.

_its_ license didn't pollute our code.

-- Kaleb

Re: [Gluster-devel] Switching from OpenSSL to PolarSSL

2014-05-27 Thread Jeff Darcy
> My only concern is its 'pure' GPLv2+ license — is that compatible with our 'GPLv2 or LGPLv3+' license.

The answer that matters, as always, is that only a real lawyer can say. My own uninformed guess is that we would be considered a derivative of them (instead of vice versa) and thus we'd

Re: [Gluster-devel] Switching from OpenSSL to PolarSSL

2014-05-27 Thread Joe Julian
It has a specific exclusion for GPL 3.0. https://polarssl.org/foss-license-exception

On May 27, 2014 8:01:51 AM PDT, Kaleb KEITHLEY kkeit...@redhat.com wrote:
> On 05/27/2014 11:00 AM, Kaleb KEITHLEY wrote:
>> In any event, it's license didn't pollute our code. Do we need to have our attorney bless

Re: [Gluster-devel] Switching from OpenSSL to PolarSSL

2014-05-27 Thread James
Also, IANAL, but their code is GPL compatible, even if they are being dicks and requiring copyright assignment for their proprietary dual licensing. But at least their code is GPL compatible, which OpenSSL's is not. So I say +1, use this.

On Tue, May 27, 2014 at 11:44 AM, Joe Julian

Re: [Gluster-devel] Switching from OpenSSL to PolarSSL

2014-05-27 Thread Joe Julian
The only thing that I find that may be an issue for some use cases is https://polarssl.org/kb/generic/is-polarssl-fips-certified

On May 27, 2014 6:43:54 AM PDT, Jeff Darcy jda...@redhat.com wrote:
> One of my tasks for 3.6 is to update/improve the SSL code. Long ago, I had decided that part of

Re: [Gluster-devel] Switching from OpenSSL to PolarSSL

2014-05-27 Thread Jeff Darcy
> The only thing that I find that may be an issue for some use cases is https://polarssl.org/kb/generic/is-polarssl-fips-certified

Not meaning to sound flippant, but if we ever did seek FIPS certification I suspect that our choice of SSL library would be the least of our worries.