> I looked at libressl a bit. It still has the same license emcumbrances > as openssl. So no real win there. And, since it's not packaged as part > of many linux distributions, the gpl/ssleay license incompatibility issue > becomes a real problem here. Hopefully a future version of libressl will > adopt a plain bsd license. I know they were working hard to discard > the crufty openssl build system, a good thing. When I worked with an > earlier version of openssl (adding a new hash or encryption algorithm, > I don't remember which today), I remember being disappointed at finding > internal interfaces that just assumed various max sizes of things. I hope > the libressl folks work on making those things better too. > > I'm not familiar with google's "boringSSL". Do you have some references > for it? I won't have the time to look at it right now - but I don't mind > learning at least a bit more about it. I see from wikipedia that it's > yet another fork of openssl - will they fix the license issue? > > I did look (mostly superficially) at, > botan libressl gnutls matrixssl mbed wolfssl cryptlib nss > & apple's "secure transport" > It was mostly superficial because my first question was "are there > a lot of other people using this" aka "am I going to be debugging > and supporting this myself"? BoringSSL https://boringssl.googlesource.com/boringssl/ This might also be worth a look: https://github.com/awslabs/s2n -- Kyle Bader -- To unsubscribe from this list: send the line "unsubscribe ceph-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
