On Mon, Jan 31, 2011 at 6:08 PM, Juan Lang <juan.l...@gmail.com> wrote: >> As Henri said, it's that it's a set of external dependencies (not just one; >> GnuTLS has its own dependencies) and that they are security-related. To the >> greatest extent practical, security-related libraries should come from one's >> distro or OS vendor. > > Sure, I can buy that. I'll note that OpenSSL is also available for > the Mac, and already loaded by wininet and winhttp. It could be > appropriate to move from GnuTLS to OpenSSL for schannel, so we'd only > have a single implementation for both Linux and Mac in schannel.
Just to be clear, legal issues were raised once before with OpenSSL. See here for Geoff Thorpe's reply regarding this issue: http://www.winehq.org/pipermail/wine-devel/2004-July/028061.html It sounds like things aren't nearly as murky as other licenses, but if we were in the position where we had to ship OpenSSL ourselves we might run into a problem. -Brian