On 30-05-13 13:16, Bastien ROUCARIES wrote:

> Using only one lib for crypto (libnss) will allow to use only one
> trust certificate format

'Allow only one' doesn't immediately strike me as beneficial, but I see
what you mean. The discussion is similar to others (such as about which
init system to support) where the question is 'why do we have X
implementations of Y?' where X > 1.

There are pros and cons to such a bold plan as you propose. I can think
of a few, and I'm sure others can think of many more. But more
importantly, it takes effort to work out the plan, inventory the pros
and cons, calculate the required efford and herd it along. Most work on
Debian is on a voluntary basis, the available effort depends on what
people will want to invest (even just to read this e-mail!). I'm not
volunteering.

But to seed the discussion (maybe):

Pros: having only one crypto system will simplify the handling of
certificates.

Cons:

- not all crypto libraries are equivalent; choosing one will exclude
some functionality provided by others
- we somehow have to deal with legacy systems that can't convert
- adoption of new software that uses something else is harder

Cheers,

Dennis van Dok
-- 
D.H. van Dok :: Software Engineer :: www.nikhef.nl/grid ::
Phone +31 20 592 22 28 :: http://www.nikhef.nl/~dennisvd/


-- 
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/51a74103.5040...@nikhef.nl

Reply via email to