On 04/05/12 13:42, Rene Engelhard wrote:
On Fri, May 04, 2012 at 12:09:15PM +0200, Michael Stahl wrote:
of course replacing OpenSSL dependencies with GnuTLS doesn't help in
that regard, it only helps with the licensing issues you have.
seems the Fedora project is standardizing on NSS for crypto applications:
http://fedoraproject.org/wiki/FedoraCryptoConsolidation
Which is bad, imho. If switch, what about Gnutls?
we don't currently use GnuTLS for anything at all, and we do use NSS for
some things which is tested and works, so switching to GnuTLS would be a
lot more work.
also, AFAIK GnuTLS doesn't have a FIPS certification while NSS has
several certified versions, which isn't something i personally care
about but probably some people do.
Given nss needs a mozilla in use or at least installed to use
a certificate from there and stuff like
https://bugs.freedesktop.org/show_bug.cgi?id=45171 doesn't make me
think it's a good alternative (and never was)
AFAIK it only accesses a Mozilla profile if you want to sign documents,
to find user's certificates (LO doesn't have an UI for adding or storing
these, it can only select existing ones from the Mozilla profile), so
that does only concern the one use case where NSS is used already anyway
(or do you volunteer to implement a certificate add/remove GUI and
whatever storage code is required for GnuTLS?).
Context
Privacy Policy |
Impressum (Legal Info) |
Copyright information: Unless otherwise specified, all text and images
on this website are licensed under the
Creative Commons Attribution-Share Alike 3.0 License.
This does not include the source code of LibreOffice, which is
licensed under the Mozilla Public License (
MPLv2).
"LibreOffice" and "The Document Foundation" are
registered trademarks of their corresponding registered owners or are
in actual use as trademarks in one or more countries. Their respective
logos and icons are also subject to international copyright laws. Use
thereof is explained in our
trademark policy.