On Thu, 02 Dec 2010 12:10:29 +0100 Matthias Andree <matthias.and...@gmx.de> wrote:
> > most distro switch from openssl to nss. is there any reason you switch > > to polarssl in stead of nss? > > > > What do you base the "most distro" assessment on? > > Are you aware of any website discussing the advantages of the "big" SSL > providers (OpenSSL, Mozilla NSS, GnuTLS, PolarSSL, CyaSSL, ...)? These pages seem to provide a good comparison: http://www.gnu.org/software/gnutls/comparison.html http://en.wikipedia.org/wiki/Comparison_of_TLS_Implementations Unfortunately, PolarSSL is not included in those tables, I think because it's targeted more to embedded systems rather than normal systems. FWIW, I too think modularization is good; once the SSL-dependent code is abstracted and separated in its own module, modules can be written for any SSL library. -- D.