On 08/02/17 14:12, Michael Wojcik wrote: >> From: openssl-users [mailto:openssl-users-bounces@xxxxxxxxxxx] On >> Behalf Of Mike Mohr Sent: Tuesday, February 07, 2017 22:21 > >> Licensing issues are indeed thorny. Why can't openssl perform a >> dynamic link? The soversion should handle any ABI issues introduced >> in later versions of GMP. > > Replace "thorny" with "completely unacceptable" for at least some > commercial users of OpenSSL. And dynamic linking does not solve the > problem, because customers would still have to get GMP. Some > companies refuse to ship GPL code in any form, regardless of whether > they've made modifications, and forcing customers to find and install > GMP is hardly reasonable. > > Providing TLS support in commercial software is already difficult > enough. Let's not make it harder in the hypothetical hope of eking > out a bit more performance. > > Anyone who really wants GMP could implement it as an OpenSSL engine. > That is, take the OpenSSL code for the algorithms you're using, copy > them into an engine, and then replace the BN math operations with > calls to GMP. FYI, there already *is* a GMP engine in 1.0.2. It got removed from 1.1.0 due to lack of use. It is not compiled by default. You have to use "enable-gmp". Not tried it though. Matt -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
