[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: openssl vs. GPL question

On 6/6/05, Gervase Markham <gerv@mozilla.org> wrote:
> The implementation of SSL in the Netscape NSS libraries is available
> under the GPL, and I believe certain versions of it have FIPS validation.
> http://www.mozilla.org/projects/security/pki/nss/fips/

I'm delighted to hear that.  It does not seem that the same is true of
YaSSL, and it perplexes me that MySQL has chosen it.

Do you know whether the NSS implementation is being certified at
source code level (a very unusual arrangement) using the sort of
maneuvers mentioned in the Linux Journal article on DMLSS?

- Michael

P. S.  If you think that an FSF vendetta against OpenSSL would be an
anomaly, or that RMS is purist about copyright law when it comes to
his own conduct, you might be interested in Theo de Raadt's comments
at http://www.monkey.org/openbsd/archive/tech/0002/msg00171.html .  I
don't necessarily agree with his opinions on the ethics of the GPL,
but if he speaks from personal knowledge on RMS's handling of code
owned by Symbolics, I'm rather disappointed in RMS.

Reply to: