Re: Crypto Libs: Linking to OpenSSL, GnuTLS, NSS, ..?
Hello
My impression is that web based projects lean towards OpenSSL, while
for example the whole GTK/Gnome desktop stack is using GnuTLS (with
nettle/hogweed). So you will not get rid of either crypto stack.
Then I also think that OpenSSL 0.9.x/1.x and the new OpenSSL 3.x have
to be treated like two completely different libraries. They have
different licenses and intentionally broke APIs to end the mess that
OpenSSL was. It is a situation like Python 2 and 3, we will have both
around for a long time, because upstream code has to be ported to new
APIs.
An then there is NSS by Mozilla, and there is also libgcrypt, which is
the basis of GnuPG. To my knowledge, it does not even share core
routines with GnuTLS. GnuPG is also a core dependency for any Debian
installation that we will not get rid of.
tl;dr: There are many different crypto libraries which more or less do
the same thing, but we will not likely get rid of any.
Regards
Stephan
Reply to:
- Follow-Ups:
- Re: Crypto Libs: Linking to OpenSSL, GnuTLS, NSS, ..?
- From: Simon McVittie <smcv@debian.org>
- Re: Crypto Libs: Linking to OpenSSL, GnuTLS, NSS, ..?
- From: Andrey Rahmatullin <wrar@debian.org>
- Re: Crypto Libs: Linking to OpenSSL, GnuTLS, NSS, ..?
- From: Russ Allbery <rra@debian.org>
- Re: Crypto Libs: Linking to OpenSSL, GnuTLS, NSS, ..?
- From: Alexander Traud <pabstraud@compuserve.com>