Daniel Kahn Gillmor <[EMAIL PROTECTED]> writes: > On Thu 2007-05-03 12:04:44 -0400, Simon Josefsson wrote: > >> devel <[EMAIL PROTECTED]> writes: > >>> Support to hardware accelerator and other devices. >> >> Adding it would be good. > > I also think this would be worth including. openSSL's "engine" > architecture and NSS's "security modules" provide some food for > thought. I don't know GnuTLS well enough to know if there's a > comparable API for either of these, so i'd very much like to see them > compared by someone knowledgable.
Right, I think we should mention this. There is no equivalent feature in GnuTLS yet, but I'm working on PKCS#11 support to address one aspect of this (client smart card authentication) and made the first release a few days ago. > As nice as those frameworks are for encouraging hardware crypto > (smartcard support, etc), i think they also provide yet another place > for security concerns to pop up. So they're a mixed bag. Yup. > You might also want to clarify that this table is comparing *free* TLS > implementations, or else add some non-free implementations to the > list. Oh, right. I made this clear at the top of the page now. Btw, I'd like to add other free TLS libraries to the list. That's why I made the implementations have one row each in the tables, rather than having the implementations be one column each. This allows the list of implementations to be added easily, without clobbering the page too much. > Lastly, i'd be very excited if the headers of the various columns > could be links to the specifications of the features to which they > refer. That could make this page an all-around reference point for > TLS functionality and specifications, which would be great. Good idea. > Thanks for writing this up, Simon. It's great. Thanks for the support. I hope people more familiar with OpenSSL and NSS will provide the appropriate feedback. /Simon _______________________________________________ Help-gnutls mailing list Help-gnutls@gnu.org http://lists.gnu.org/mailman/listinfo/help-gnutls
