On 05/24/2011 06:37 PM, Adam Goode wrote:
Have a look at this too:
http://fedoraproject.org/wiki/FedoraCryptoConsolidation
It was supposed to be the way forward regarding all this. Last I
checked, it was only for applications, not libraries, though.
Now that _IS_ interesting. So NSS is the consolidation target? I was
under the impression that OpenSSL is a lot more prolific and it has more
application level support, of the ones listed on the page above, at
least the following:
1) Apache/mod_ssl (OK, this one's a tie since there's also mod_nss)
3) stunnel
5) wget
8) OpenLDAP
9) OpenSSH
14) postfix
So despite the effort to head in the direction of NSS, there are still
more applications supporting OpenSSL than NSS out of the box (and some
of those will build against either). IMO, that is a very good reason to
go with OpenSSL, especially since pushing this sort of thing upstream
can sometimes approximate herding cats.
But assuming I'm wasting my breath with that line of discussion, on a
more pragmatic level - what is the NSS support for cryptodev like?
Gordan