Let's drop support for NSS!

Peter Lawler bleeter at gmail.com
Fri Sep 12 21:58:52 EDT 2014


On 13/09/14 11:45, Luke Schierer wrote:
>
> On Sep 12, 2014, at 19:13 EDT, Mark Doliner <mark at kingant.net> wrote:
>
>> I mentioned this a year and a half ago[1]. I'd like to drop support
>> for using Mozilla NSS for TLS and standardize on GnuTLS (only in the
>> master branch, not in release-2.x.y). We can keep TLS support
>> pluginable so that Adium can continue to use OpenSSL (which we're
>> generally ok with because we consider OpenSSL to be a part of OS X,
>> and the GPL has a special inclusion for stuff that's considered part
>> of the OS).

> The only objection I have is not a technical one.  Some users care about FIPS certifications, and some versions of NSS are in fact FIPS certified, while no version of GnuTLS are certified.
>

My 2c.

I'm not a huge fan of FIPS foo however I agree with Luke on this point.

Pete



More information about the Devel mailing list