Stephen Frost wrote:
>* David Boreham (david_list(at)boreham(dot)org) wrote:
>>Stephen Frost wrote:
>>>Not sure what license that's under,
>>'NSS is available under the Mozilla Public License, the GNU General
>>Public License, and the GNU Lesser General Public License.'
>Works for me then, and it's already packaged in Debian. The only
>downside that I can see is that the work isn't done yet and if we want
>to support both OpenSSL and NSS then the patch will be at least somewhat
>invasive/large (since I doubt NSS's API is anything like OpenSSL's,
>please correct me if I'm wrong).
Unfortunately the NSS and OpenSSL I/O design is quite different.
There has been talk over the years (since at least 1996) of adding
OpenSSL-like interfaces to NSS, but AFAIK this has never been done.
NSS presents a 'layered' I/O model where the application talks to
a socket-like API. It also depends on NSPR. For these reasons
I would hesitate to recommend it for use in a server vs. OpenSSL.
In response to
pgsql-hackers by date
|Next:||From: Tom Lane||Date: 2007-01-02 18:55:28|
|Subject: Re: TODO: GNU TLS |
|Previous:||From: Andrew Dunstan||Date: 2007-01-02 18:44:34|
|Subject: Re: TODO: GNU TLS|