Re: Bug#754513: ITP: libressl -- SSL library, forked from OpenSSL
Guus Sliepen <firstname.lastname@example.org> wrote:
> The problem is that OpenSSL is much more than just an implementation of
> SSL/TLS. It is also provides a very extensive set of low-level
> cryptographic functions. There are many programs that use OpenSSL for
> the latter, not for the SSL/TLS layer. You just cannot drop in GnuTLS,
> MatrixSSL or PolarSSL for those.
> Some of the alternatives to OpenSSL come with the essential
> cryptographic primitves to support SSL/TLS built-in, others rely on
> external libraries to do that. For example, GnuTLS currently depends
> on Nettle.
However, gnutls exposes some cryptographic primitives through its
crypto API, so it is not necessary to directly use nettle (or
gcrypt) if the exposed subset is sufficient.
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'