Re: curl status update
On Thu, Sep 29, 2005 at 03:19:18PM -0700, Steve Langasek wrote:
> On Thu, Sep 29, 2005 at 03:27:30PM +0200, Richard Atterer wrote:
> > On Thu, Sep 29, 2005 at 02:37:35PM +0200, Marco d'Itri wrote:
> > > Why is openssl the default?
> > > I think everybody agrees that in the long period everybody will want to
> > > use gnutls,
> > No, as has been shown by the discussions in the last weeks, there is *no*
> > agreement on which SSL library should be the default.
> There isn't? I saw some arguments that explain why it's not possible to
> convert all curl-using applications from OpenSSL to GNUTLS without a
> recompile due to unavailable ABI changes, but I thought it was pretty clear
> that the default going forward should be the one whose license is maximally
> compatible with that of applications using libcurl (i.e., GNUTLS).
Yes - I should clarify what I said: _In_the_long_run_ the agreed goal was
to move to GnuTLS. However, above Marco asked why the _current_ default
isn't GnuTLS. I'm not so sure whether it should be: Upstream's choice will
remain OpenSSL for the foreseeable future, GnuTLS is allegedly still
slightly more buggy than OpenSSL (does anyone have any details?) and is
lacking some features.
|_) /| Richard Atterer | GnuPG key:
| \/¯| http://atterer.net | 0x888354F7
¯ '` ¯