[Openvas-devel] Start: replacing OpenSSL by GNU/TLS

Daniel Cabezas danielcabezas at hotmail.com
Mon Mar 26 16:26:42 CEST 2007

Hi all,

Don´t want to talk much about an issue which I don´t know well, but why 
aren´t other alternatives studied? I mean, like matrixssl. That stub of 
wrapper functions could make any underlying ssl engine work, and the binary 
deployment responsible would be able to choose which library to link openvas 


>From: Tim Brown
>To: openvas-devel
>Subject: Re: [Openvas-devel] Start: replacing OpenSSL by GNU/TLS
>Date: Mon, 26 Mar 2007 15:19:17 +0100
>On Monday 26 March 2007 15:09, Jan-Oliver Wagner wrote:
> > I am pretty sure the OpenSSL guys do not want this. There is an
> > explicit mentioning of incompatibiliy with GPL. Many other products
> > have had the same problem discussed.
>Quite.  They have chosen the licence for their own reasons and I doubt this 
>something that they will change for us.
> > > Assuming they will not do this then I agree would make sense to 
> > > OpenSSL.
> >
> > I fear so, but I see it also as a chance to review the code for secure
> > connections carefully.
> >
> > > Does the lack of FIPS certification cause any problems?
> >
> > I leave this question to the US guys. AFAIKT, this does not concern
> > europe.
>Aye, nothing in UK law that requires use of OpenSSL ATM.
>One more possible solution would be write our own stub code (of some
>description - separate library?) which would support both OpenSSL and
>GNU/TLS.  Depending on how this was implemented this might be a suitable
>solution - since the stub code would be written by us and could be given an
>exception?  Need to do more reading to confirm if this would be a suitable
>Tim Brown

Horóscopo, tarot, numerología... Escucha lo que te dicen los astros. 

More information about the Openvas-devel mailing list