TLS libraries and licenses
loganjerry at gmail.com
Wed Nov 27 21:15:18 UTC 2013
On Wed, Nov 27, 2013 at 9:46 AM, Dan Williams <dcbw at redhat.com> wrote:
> You answered that just below; because OpenSSL is GPL incompatible.
> Since gnutls is LGPL, it can be used in most places openssl can be used,
> *plus* it can be used with GPL software. Obviously, consult your
> lawyers for the specifics of your situation.
Okay, that makes sense. Thanks for the answer.
> libgcrypt is actually just basic crypto, not TLS. gnutls is based on
> libgcrypt. So it's not an alternative to anything above for TLS stuff,
> but you'll get it anyway if you choose gnutls.
> You really only need to plan for one or both of NSS or gnutls. While it
> may not help you much because it doesn't do any TLS stuff,
> NetworkManager does have an abstraction layer for both NSS and gnutls
> for basic crypto and certificate/private-key operations:
> See any of the crypto* files.
Great, thanks for the pointer. I will definitely check that out.
More information about the devel