1) http://www.kegel.com/ssl/ - short list of various ssl
implementations. Main two players on the market - OpenSSL and Mozilla's
crypto-api (http://www.mozilla.org/projects/security/pki/nss/ssl/)
2) scheme with distributing binaries from agent to agent will be too
complicated, only reasonable solution is to build a custom binary
package on sanbox machine and then deploy. anyway, the will be huge
problems with linuxes (at least) - or you must keep them up-to-date (and
synced!)
Igor Kopman wrote:
>Is there at least one SSL implementation under GPL(2) which proved to be at
>least same stable as OpenSSL?
>
>Maybe it's worth it to extend "upgrade" scheme to: "deploy source package
>here, if successful - copy binaries to other machines"?
>
>-----Original Message-----
>From: Victor Kirhenshtein [mailto:victor_at_opticom.lv]
>Sent: 6 èþíÿ 2005 ã. 9:57
>To: NetXMS Developers talks
>Subject: [netxms-dev] OpenSSL
>
>
>Hi all!
>
>Now we have to choose - use OpenSSL library or not. Below I try to
>summarize pros and cons of using OpenSSL:
>
>Positive:
>
>1. Well-tested encryption algorithm implementations
>2. Ready to use encryption layer
>3. Possibility to use certificates for authentication
>
>
>Negative:
>
>1. OpenSSL is a huge library, and we need only a few percents of it's
>functionality
>2. If we need encryption between server and agents, each agent will be
>required to have OpenSSL library installed (and OpenSSL development
>package for source distribution).
>3. I heard about problems with passing large chunks of data through
>OpenSSL, and NetXMS sometimes uses very large messages.
>
>
>Any comments?
>
>Regards,
>Victor
>
>
>
Received on Mon Jun 06 2005 - 10:40:27 EEST
This archive was generated by hypermail 2.2.0 : Mon Aug 01 2005 - 00:43:47 EEST