[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#139710: apt: implementing https method, need your agreement that I can link against openSSL

On Sun, 24 Mar 2002, Junichi Uekawa wrote:

> Tomas Pospisek <tpo_deb@sourcepole.ch> cum veritate scripsit:
>
> > I'm trying to implement the HTTPS method for apt. It seems that in order
> > to be able to link against openSSL I do need your (the author's explicit
> > permission to do so).
>
> I'm not the apt-maintainer, but is it not possible to use gnutls instead ?

It might but:

a) the docu states that gnutls is in a testing state and not "production"
   yet
b) only tls and ssl3.0 is supported along with only "strong" algorithms

If we want https support then my idea would be to make it as broadly
compatible as possible (SSL 1.0, 2.0 various algorithms that are in broad
use today etc.), which AFAIK openSSL can guarantee but (see b)) gnutls
does not seem to guarantee.

Unfortunately I'm no SSL expert so I'm not sure about this. If you are,
then please lighten me up ;-)
*t

-----------------------------------------------------------------------
     Tomas Pospisek
	 Infinite Justice for the World:
	 http://www.heise.de/tp/deutsch/inhalt/co/11621/11621_2.jpg
------------------------------------------------------------------------



-- 
To UNSUBSCRIBE, email to deity-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: