[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Bug-wget] let's fix the openssl backend once and for all
From: |
Mike Frysinger |
Subject: |
Re: [Bug-wget] let's fix the openssl backend once and for all |
Date: |
Fri, 31 Oct 2014 14:42:08 -0400 |
On 30 Oct 2014 19:47, Giuseppe Scrivano wrote:
> Mike Frysinger writes:
> > On 30 Oct 2014 12:18, Giuseppe Scrivano wrote:
> >> Tim Rühsen <address@hidden> writes:
> >> > as I wrote to Mike: It is the OpenSSL code within Wget. Wget compiled
> >> > with
> >> > GnuTLS does not show any problems.
> >>
> >> and this remembers us that maintaining two different backends is not a
> >> good idea. I am for just moving to GNU TLS and forget about OpenSSL.
> >> It is a bit drastic but I think it is a better move for the long term.
> >> And we get rid of the copyright exception as well...
> >
> > fwiw, in Chromium OS, we've been moving the opposite direction -- away from
> > gnutls & nss and only to openssl. but i guess it's not that big of a deal
> > to
> > also move to curl and away from wget if need be. i think most distros tend
> > to
> > default to wget && openssl too (since more projects support openssl). but
> > having GNU projects favor their own is not surprising.
>
> except that GnuTLS is not a GNU project anymore, so that is not the
> reason of my idea; rather the fact of having a compatible license and
> just one way of doing the same thing. They are both used in very
> important projects, so I would say they are both very mature and
> stable.
> So, is there anything that OpenSSL is doing better than GnuTLS and that
> has any advantage for wget and its users?
i can't speak to the quality level of either, but i'm fairly certain neither is
a smashing success. i'm sure both have their own sets of tradeoffs, and the
goal of the wget project probably heavily weighs into which tradeoffs matter
more. the Chromium security guys evaluated the three libraries from the
perspective of what matter most to that project (with the requirement that
there be only one library, for maintenance/security/size/overhead/etc...
reasons), and they settled on openssl.
if wget wanted to simplify and go with gnutls, that might make sense for the
wget project. distros still certainly have the option of using curl+openssl.
note: my position is not "if you don't keep openssl i'm taking my toys and
going home!". i'm not on the hook to keep upstream wget alive/working :).
merely providing some context for different distros.
-mike
signature.asc
Description: Digital signature
- Re: [Bug-wget] [Bug-Wget] Patch Test-proxied-https-auth.px, (continued)
- Re: [Bug-wget] [Bug-Wget] Patch Test-proxied-https-auth.px, Tim Ruehsen, 2014/10/27
- Re: [Bug-wget] [Bug-Wget] Patch Test-proxied-https-auth.px, Tim Ruehsen, 2014/10/28
- Re: [Bug-wget] [Bug-Wget] Patch Test-proxied-https-auth.px, Mike Frysinger, 2014/10/29
- Re: [Bug-wget] [Bug-Wget] Patch Test-proxied-https-auth.px, Tim Rühsen, 2014/10/29
- [Bug-wget] let's fix the openssl backend once and for all (was: Patch Test-proxied-https-auth.px), Giuseppe Scrivano, 2014/10/30
- Re: [Bug-wget] let's fix the openssl backend once and for all (was: Patch Test-proxied-https-auth.px), Darshit Shah, 2014/10/31
- Re: [Bug-wget] let's fix the openssl backend once and for all, Giuseppe Scrivano, 2014/10/31
- Re: [Bug-wget] let's fix the openssl backend once and for all, Tim Rühsen, 2014/10/31
- Re: [Bug-wget] let's fix the openssl backend once and for all (was: Patch Test-proxied-https-auth.px), Mike Frysinger, 2014/10/31
- Re: [Bug-wget] let's fix the openssl backend once and for all, Giuseppe Scrivano, 2014/10/31
- Re: [Bug-wget] let's fix the openssl backend once and for all,
Mike Frysinger <=
- Re: [Bug-wget] let's fix the openssl backend once and for all, Ray Satiro, 2014/10/31
- Re: [Bug-wget] let's fix the openssl backend once and for all, Giuseppe Scrivano, 2014/10/31
- Re: [Bug-wget] let's fix the openssl backend once and for all (was: Patch Test-proxied-https-auth.px), Tim Ruehsen, 2014/10/31
- Re: [Bug-wget] let's fix the openssl backend once and for all, Giuseppe Scrivano, 2014/10/31
- Re: [Bug-wget] let's fix the openssl backend once and for all (was: Patch Test-proxied-https-auth.px), Daniel Stenberg, 2014/10/31
- Re: [Bug-wget] let's fix the openssl backend once and for all, Giuseppe Scrivano, 2014/10/31
- Re: [Bug-wget] let's fix the openssl backend once and for all, Daniel Stenberg, 2014/10/31
- Re: [Bug-wget] let's fix the openssl backend once and for all, Daniel Stenberg, 2014/10/31
- Re: [Bug-wget] let's fix the openssl backend once and for all (was: Patch Test-proxied-https-auth.px), Darshit Shah, 2014/10/31
- Re: [Bug-wget] [Bug-Wget] Patch Test-proxied-https-auth.px, Tim Ruehsen, 2014/10/30