From: | Stephen Frost <sfrost(at)snowman(dot)net> |
---|---|
To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
Cc: | Bruce Momjian <bruce(at)momjian(dot)us>, Robert Treat <xzilla(at)users(dot)sourceforge(dot)net>, pgsql-hackers(at)postgresql(dot)org, "Joshua D(dot) Drake" <jd(at)commandprompt(dot)com>, mark(at)mark(dot)mielke(dot)cc, Martijn van Oosterhout <kleptog(at)svana(dot)org>, Mark Kirkwood <markir(at)paradise(dot)net(dot)nz> |
Subject: | Re: TODO: GNU TLS |
Date: | 2006-12-30 14:49:48 |
Message-ID: | 20061230144948.GN24675@kenobi.snowman.net |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
* Tom Lane (tgl(at)sss(dot)pgh(dot)pa(dot)us) wrote:
> Bruce Momjian <bruce(at)momjian(dot)us> writes:
> > Keep in mind it took years to get OpenSSL support up to the level we
> > have it now. It took SSL experts coming in and out of our development
> > process to get it 100% feature-complete.
>
> Actually, it's *not* feature-complete even yet.
>
> What basically bothers me about this is that trying to support both the
> OpenSSL and GNUTLS APIs is going to be an enormous investment of
> development and maintenance effort, because it's such a nontrivial thing
> to use properly. It sticks in my craw to be doing that work for no
> technical reason, only a license-lawyering reason; and not even a
> license issue that everyone is convinced is real.
The development has been done (and wasn't terribly enormous aiui) and I
have a hard time believeing it's a huge maintenance cost. If features
are added wrt SSL they wouldn't have to be added to both, either,
although in general I doubt it'd be all that difficult to support both
from the get-go but there's no obligataion and someone else who cares
about one or the other could implement it there.
Thanks,
Stephen
From | Date | Subject | |
---|---|---|---|
Next Message | Stephen Frost | 2006-12-30 14:55:47 | Re: TODO: GNU TLS |
Previous Message | Stephen Frost | 2006-12-30 14:41:57 | Re: TODO: GNU TLS |