[Openvas-devel] Start: replacing OpenSSL by GNU/TLS
danielcabezas at hotmail.com
Mon Mar 26 16:26:42 CEST 2007
Don´t want to talk much about an issue which I don´t know well, but why
aren´t other alternatives studied? I mean, like matrixssl. That stub of
wrapper functions could make any underlying ssl engine work, and the binary
deployment responsible would be able to choose which library to link openvas
>From: Tim Brown
>Subject: Re: [Openvas-devel] Start: replacing OpenSSL by GNU/TLS
>Date: Mon, 26 Mar 2007 15:19:17 +0100
>On Monday 26 March 2007 15:09, Jan-Oliver Wagner wrote:
> > I am pretty sure the OpenSSL guys do not want this. There is an
> > explicit mentioning of incompatibiliy with GPL. Many other products
> > have had the same problem discussed.
>Quite. They have chosen the licence for their own reasons and I doubt this
>something that they will change for us.
> > > Assuming they will not do this then I agree would make sense to
> > > OpenSSL.
> > I fear so, but I see it also as a chance to review the code for secure
> > connections carefully.
> > > Does the lack of FIPS certification cause any problems?
> > I leave this question to the US guys. AFAIKT, this does not concern
> > europe.
>Aye, nothing in UK law that requires use of OpenSSL ATM.
>One more possible solution would be write our own stub code (of some
>description - separate library?) which would support both OpenSSL and
>GNU/TLS. Depending on how this was implemented this might be a suitable
>solution - since the stub code would be written by us and could be given an
>exception? Need to do more reading to confirm if this would be a suitable
Horóscopo, tarot, numerología... Escucha lo que te dicen los astros.
More information about the Openvas-devel