[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: apache defaulting to openssl instead of gnutls

On Tue, 07 Feb 2012 17:09:01 +0100, Alberto Fuentes wrote:

> On 07/02/12 16:49, Camaleón wrote:
>> On Tue, 07 Feb 2012 15:52:31 +0100, Alberto Fuentes wrote:
>>
>>> I just found out that openssl does not implement tls 1.1 or 1.2 and
>>> gnutls do implement them. I was wondering why for example apache2
>>> defaults to openssl instead of libapache2-mod-gnutls.
>>>
>>> Just out of curiosity
>>
>> My guess for upstream Apache2 defaulting to "mod_ssl" is because it's
>> an older development and also a proven technology.
>>
>>
>>
> I read somewhere that the apache folks does not like gpl as much...

At the time of Apache 1.x there weren't many choices for the SSL 
implementation. Anyway, while they're open source friendly, it should be 
fine. I neither liked GPL much, I'm more BSD inclined.

> Anyway, my question is about debian, where maintainers can correct
> upstream decisions... and what was what made them keep the upstream
> choice... :)

I cant't tell for packagers but I don't see a good reason to change this 
default. mod_gnutls is pretty new when compared to openssl's and when it 
comes to a web server, I prefer defaulting to stability and rock-solid/
well tested software than other with new functionalities or additions, 
given they can be enabled afterwards.

Greetings,

-- 
Camaleón
Reply to: