TLS Libraries
Michael McConville
mmcconville at mykolab.com
Sat Jun 20 15:15:51 EDT 2015
On Sat, Jun 20, 2015 at 03:01:45PM -0400, Michael McConville wrote:
> Currently, GnuTLS is our default TLS library and NSS is used if GnuTLS
> is unavailable or if ./configure is given the --enable-nss flag.
>
> Choosing one would simplify the configure script a lot and allow us to
> drop a good deal of preproc conditions and associated code. It'd also
> help reduce the amount of security-critical code. As always, though,
> there could be OS support problems.
>
> There's a ticket about this:
>
> https://developer.pidgin.im/ticket/16222
>
> The Yahoo/GnuTLS issue mentioned there has since been fixed.
>
> I've seen a few strange GnuTLS compatibility problems in the past, so my
> tentative and largely uninformed preference is NSS.
>
> Thoughts? Potential issues?
I don't know how relevant this is, but Weechat is an example of a
multi-protocol (with plugins) chat application that relies on a single
TLS library (GnuTLS).
More information about the Devel
mailing list