GnuTLS preferable to, and/or safer than, NSS?
foutrelis at archlinux.org
Wed Sep 5 07:07:18 EDT 2012
I thought this might be an appropriate place to ask.
Would it be better for users' safety to use GnuTLS for SSL support
instead of NSS?
The reason I'm asking is a report I got today , which links to a
ticket on Pidgin's tracker . This ticket points to certificate
verification code which has been disabled using preprocessor
directives. However, Pidgin appears to be doing its own verification
by calling purple_certificate_verify() from within
If someone is knowledgeable in the SSL support code, it would be
helpful for me to know the main advantages/disadvantages of the GnuTLS
vs NSS implementations in Pidgin and which one is preferable. :)
More information about the Packagers