According to a previous post, previous versions of NSS (using BSAFE as
engine) have been around for a few years on server products: it's not a
brand new development.
Anyway, a good feature in NSS still missing in OpenSSL is the PKCS#11
support for hardware tokens.
Enzo
- Original Message
-BEGIN PGP SIGNED MESSAGE-
I remember you expressing such sentiments on the mozilla security list some
months ago. But, there are problems with the OpenSSL license. And not
enough crossplatform support. And, I'm a big believer in multiple
independent implementations.
Ben Laurie
William Allen Simpson wrote:
-BEGIN PGP SIGNED MESSAGE-
I remember you expressing such sentiments on the mozilla security list some
months ago. But, there are problems with the OpenSSL license.
As far as I can tell, the problems are invented rather than real. At
least I can't
-BEGIN PGP SIGNED MESSAGE-
Ben Laurie wrote:
As far as I can tell, the problems are invented rather than real. At
least I can't recall any real problems except "it isn't the licence we
want it to be".
I was not aware that OpenSSL had changed to be compatible with GPL.
And I
from http://www.wired.com/news/business/0,1367,38855,00.html
---
Jacobs told people at the conference that the IBM laptop, which he had
used for a slide show-type presentation focusing on Qualcomm's (QCOM)
wireless telecommunications technology, contained proprietary
information that
William Allen Simpson wrote:
-BEGIN PGP SIGNED MESSAGE-
Ben Laurie wrote:
As far as I can tell, the problems are invented rather than real. At
least I can't recall any real problems except "it isn't the licence we
want it to be".
I was not aware that OpenSSL had changed
In [EMAIL PROTECTED], on 09/18/00
at 02:09 PM, Ben Laurie [EMAIL PROTECTED] said:
William Allen Simpson wrote:
Fallout from the early RSA release into public domain, the references
to BSAFE have been replaced, and a bunch of stuff are GPL. Is there
a team of folks doing independent
the OpenSSL project was not accepting code from US sources. Has this policy changed?
Yes. The various members of the openssl-core team either
agree that the current regulations remove their concern; or
feel that even though there are issues it's not worth dealing with now
US
-BEGIN PGP SIGNED MESSAGE-
Now, I didn't start this thread to argue about licenses. I just wanted
folks to review code, should they be so inclined. So, this is my last
comment. Sorry that someone took umbrage.
Ben Laurie wrote:
William Allen Simpson wrote:
I was not aware that