[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [DotGNU]Encryption protocols
From: |
Chris Smith |
Subject: |
Re: [DotGNU]Encryption protocols |
Date: |
Sat, 15 Mar 2003 00:30:38 +0000 |
User-agent: |
KMail/1.4.3 |
On Tuesday 11 Mar 2003 22:00, Norbert Bollow wrote:
> I think with "fairly compatible", Chris means "GPL-incompatible in a
> manner that can be worked around with a linking exception."
Yep. Basically, but I was also (badly) trying to raise the following:
> In any case, the GNU libs, libgcrypt and GNU TLS should be the
> default, simply because they're part of GNU, and if there should
> be a serious problem with either of them, we should contribute
> to fixing the problem rather than choosing a different default.
Which was the drift of my post. We should at least support openSSL but not
release code that _relies_ on it. That would be a no-no as Stephen quite
correctly points out it's not GPL friendly as far as we're concerned (from a
moral standpoint if nothing else!). However the end user deploying a system
for their own use may draw some comfort from being able to use openSSL, being
the mature respected package it is. It's one of those bits of licence-free
software that is accepted in the commercial world, and in the area of
security of all places!!
> However, of course when there are Free Software libs which are as
> popular as OpenSSL we want to make it easy (e.g. with a configure
> option) for people to link with OpenSSL instead of the default.
Exactly why I was suggesting that we implement the encryption layer(s) through
an abstraction layer to detatch the details of the chosen encryption toolkit
from the dotGNU 'proper' layer. (Kind of like DBI, DBD database abstraction
in Perl). That way multiple encryption toolkits can be supported beneith a
common interface.
This is of course ideally...... I know only too well the problems and
headaches this approach brings.... but does tend to benifit things in the
long run. If only we had the power of hindsight right now. Probably will
never happen. Just thought I'd mention it anyway.
'nuf said :o)
Chris
--
Chris Smith
Technical Architect - netFluid Technology Ltd.
"Internet Technologies, Distributed Systems and Tuxedo Consultancy"
E: address@hidden W: http://www.nfluid.co.uk
Re: [DotGNU]Encryption protocols, Peter Minten, 2003/03/09
Re: [DotGNU]Encryption protocols, Chris Smith, 2003/03/10