Micah Cowan <mi...@cowan.name> writes: > On 06/14/2010 08:32 AM, Giuseppe Scrivano wrote: >> By the way, I see that currently OpenSSL is preferred over GNU TLS (not >> only under Windows), I would invert this. > > The current GNU TLS support is broken: that needs to be fixed first. My > understanding is that it doesn't do all the checks it ought to do, so > allows sites that lie about who they are. But I think it handles the > encryption itself alright.
Yes, I have noticed it. I am working on it and I have a small patch that removes the "broken" part. > I know that RMS had expressed a desire to remove the licensing exception > we currently have for OpenSSL once GNUTLS support was working properly. > I'm not particularly crazy about that, myself. I am, a bit :-) Also GNU TLS makes cross-compiling much easier than it is with OpenSSL now. Cheers, Giuseppe
