On Wed, 2004-09-08 at 14:02 +0300, Pekka Savola wrote: > On Wed, 8 Sep 2004, Rui Miguel Seabra wrote: > > On Tue, 2004-09-07 at 23:28 -1000, Warren Togami wrote: > > > I just noticed this in cvs-commits. Another new instance of GPL linking > > > with openssl. Problematic? > > > > > > Even if the vsftpd authors wont sue us for any possible GPL violation, > > > does this possibly open a weak link in vsftpd's supposedly "very > > > secure"ness? Even if ssl is disabled by default in our config? Please > > > be sure... > > > > I think the case is beggining to grow for inclusion of GNUtls. > > Replacing OpenSSL with GNUtls would very likely increase, not > decrease, the security implications. Inclusion. Not replacement. The inclusion would be specifically intended to solve... > >From the license/policitical/religious point of view, it might be > closer in spirit to the vsftpd though. Anyway, do you have any data to backup your defamatory statement? OpenSSL hasn't exactly been void of serious issues... Rui -- + No matter how much you do, you never do enough -- unknown + Whatever you do will be insignificant, | but it is very important that you do it -- Gandhi + So let's do it...? Please AVOID sending me WORD, EXCEL or POWERPOINT attachments. See http://www.fsf.org/philosophy/no-word-attachments.html
Attachment:
signature.asc
Description: This is a digitally signed message part
