At Thu, 7 Apr 2011 00:34:01 +0000, Clint Adams wrote: > > Christian Roessner said: > > So, if projects can not be linked against OpenSSL, wouldn't be NSS the > > better choice than gnutls (also for other packages)? > > This video contains information about the flaws in many SSL/TLS toolkits: > > http://www.youtube.com/watch?v=y3cfEP05LDA
Slides are here: http://www.slideshare.net/bagder/libcurl-seven-ssl-libraries-and-one-ssh-library And the last slide links to http://curl.haxx.se/docs/ssl-compared.html which might also be interesting. I actually choosed GnuTLS in the end, because NSS requires to use NSPR (Netscape Portable Runtime) sockets instead of just normal sockets. This would mean also changing the NSActiveSocket class and maybe more instead of just a few lines NSActiveSSLSocket. I've almost finished my patch, it compiles but I still have to test whether it really works. -- users@sogo.nu https://inverse.ca/sogo/lists
