why gnutls when we have openssl?

Werner Koch wk@gnupg.org
Thu Aug 23 12:22:02 2001


On Thu, 23 Aug 2001 11:59:58 +0200, Levente Farkas said:


> can someone explain me why do you guys write gnutls when we have openssl?
One reason is that the OpenSSL license is not compatible to the GPL; this forbids us to use code from OpenSSL or distribute GPLed software together with OpenSSL. Even if the OpenSSL folks would like to remove the proplematic parts out of their licese and use license like the revised BSD one, they can't do that because most code is copyrighted by Eric Young et al. and given the statements in their SSLeay license it is unlikely that they will work on making it compatible to the GPL. Having a GPLed implementation has also the advantage that other companies can't use this without releasing there changes - this can help to avoid proprietary extensions like what we have seen Microsoft did to Kerberos. Another reason is that it is always good to have more than one implementation of a protocol - 2 free ones are really good. Then there is of course the challenge to implement such a over-complicated protocol coorectly - hackers do like such challenges. Some folks even have concerns about the design of SSLeay and the fact that it is not very good documented. Nikos might have other reasons as well ... Werner -- Werner Koch Omnis enim res, quae dando non deficit, dum habetur g10 Code GmbH et non datur, nondum habetur, quomodo habenda est. Privacy Solutions -- Augustinus