why gnutls when we have openssl?

Werner Koch wk at gnupg.org
Thu Aug 23 12:22:02 CEST 2001

On Thu, 23 Aug 2001 11:59:58 +0200, Levente Farkas said:

> can someone explain me why do you guys write gnutls when we have openssl?

One reason is that the OpenSSL license is not compatible to the GPL;
this forbids us to use code from OpenSSL or distribute GPLed software
together with OpenSSL.  Even if the OpenSSL folks would like to remove
the proplematic parts out of their licese and use license like the
revised BSD one, they can't do that because most code is 
copyrighted by Eric Young et al. and given the statements in their
SSLeay license it is unlikely that they will work on making it
compatible to the GPL.  Having a GPLed implementation has also the
advantage that other companies can't use this without releasing there
changes - this can help to avoid proprietary extensions like what we
have seen Microsoft did to Kerberos.

Another reason is that it is always good to have more than one
implementation of a protocol - 2 free ones are really good.

Then there is of course the challenge to implement such a
over-complicated protocol coorectly - hackers do like such challenges.
Some folks even have concerns about the design of SSLeay and the fact
that it is not very good documented.

Nikos might have other reasons as well ...


Werner Koch        Omnis enim res, quae dando non deficit, dum habetur
g10 Code GmbH      et non datur, nondum habetur, quomodo habenda est.
Privacy Solutions                                        -- Augustinus

More information about the Gnutls-devel mailing list