[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: curl status update

On Thu, Sep 29, 2005 at 03:19:18PM -0700, Steve Langasek wrote:
> On Thu, Sep 29, 2005 at 03:27:30PM +0200, Richard Atterer wrote:
> > On Thu, Sep 29, 2005 at 02:37:35PM +0200, Marco d'Itri wrote:
> > > Why is openssl the default?
> > > I think everybody agrees that in the long period everybody will want to
> > > use gnutls,
> > No, as has been shown by the discussions in the last weeks, there is *no* 
> > agreement on which SSL library should be the default.
> There isn't?  I saw some arguments that explain why it's not possible to
> convert all curl-using applications from OpenSSL to GNUTLS without a
> recompile due to unavailable ABI changes, but I thought it was pretty clear
> that the default going forward should be the one whose license is maximally
> compatible with that of applications using libcurl (i.e., GNUTLS).

Yes - I should clarify what I said: _In_the_long_run_ the agreed goal was 
to move to GnuTLS. However, above Marco asked why the _current_ default 
isn't GnuTLS. I'm not so sure whether it should be: Upstream's choice will 
remain OpenSSL for the foreseeable future, GnuTLS is allegedly still 
slightly more buggy than OpenSSL (does anyone have any details?) and is 
lacking some features.



  __   _
  |_) /|  Richard Atterer     |  GnuPG key:
  | \/¯|  http://atterer.net  |  0x888354F7
  ¯ '` ¯

Reply to: