Re: OpenSSL

Moziila's implementation is available under MPL, which is even less
restrictive, but anyway - SSL itself is a bloatware - Famous Netscape's
child. Check out protocol v3 draft (!)
http://www.mozilla.org/projects/security/pki/nss/ssl/draft302.txt

Victor Kirhenshtein wrote:

>I didn't heard about other GPL implementation of SSL.
>
>About upgrade: even binary package will need SSL library installed on
>the system. Not a problem in case of Linux or FreeBSD, but for other
>systems can be.
>
>-----Original Message-----
>From: Igor Kopman [mailto:Igor.Kopman_at_ctco.lv]
>Sent: Monday, June 06, 2005 10:13 AM
>To: NetXMS Developers talks
>Subject: Re: [netxms-dev] OpenSSL
>
>
>
>Is there at least one SSL implementation under GPL(2) which proved to be
>at least same stable as OpenSSL?
>
>Maybe it's worth it to extend "upgrade" scheme to: "deploy source
>package here, if successful - copy binaries to other machines"?
>
>-----Original Message-----
>From: Victor Kirhenshtein [mailto:victor_at_opticom.lv]
>Sent: 6 2005 . 9:57
>To: NetXMS Developers talks
>Subject: [netxms-dev] OpenSSL
>
>
>Hi all!
>
>Now we have to choose - use OpenSSL library or not. Below I try to
>summarize pros and cons of using OpenSSL:
>
>Positive:
>
>1. Well-tested encryption algorithm implementations
>2. Ready to use encryption layer
>3. Possibility to use certificates for authentication
>
>
>Negative:
>
>1. OpenSSL is a huge library, and we need only a few percents of it's
>functionality 2. If we need encryption between server and agents, each
>agent will be required to have OpenSSL library installed (and OpenSSL
>development package for source distribution). 3. I heard about problems
>with passing large chunks of data through OpenSSL, and NetXMS sometimes
>uses very large messages.
>
>
>Any comments?
>
>Regards,
>Victor
>
>
>
Received on Mon Jun 06 2005 - 10:44:59 EEST