Re: TODO: GNU TLS - Mailing list pgsql-hackers

From Andrew Dunstan
Subject Re: TODO: GNU TLS
Date
Msg-id 459AA812.3050405@dunslane.net
Whole thread Raw
In response to Re: TODO: GNU TLS  (David Boreham <david_list@boreham.org>)
Responses Re: TODO: GNU TLS
Re: TODO: GNU TLS
Re: TODO: GNU TLS
List pgsql-hackers
David Boreham wrote:
> Stephen Frost wrote:
>
>> * David Boreham (david_list@boreham.org) wrote:
>>  
>>
>>> Fascinating thread for the holidays. I found it interesting that 
>>> nobody has mentioned
>>> NSS (former Netscape SSL library). It has its own bag of problems of 
>>> course, but
>>> for me is potentially more attractive than GNU TLS. e.g. it has 
>>> FIPS-140 certification
>>> and is actively under development by a software company with 
>>> significant resources.
>>> It's also very widely deployed. I'm not saying that OpenSSL is bad 
>>> (it'd probably be my
>>> first choice), just that there is another option besides GNU TLS.
>>>   
>>
>> Not sure what license that's under,
>>
> From http://www.mozilla.org/projects/security/pki/nss/:
> 'NSS is available under the Mozilla Public License, the GNU General 
> Public License, and the GNU Lesser General Public License.'
>

I suspect most postgres developers and companies would like to keep 
things as BSDish as possible. Dealing with a multitude of licenses might 
be fun for some, but many of us find it a pain in the neck.

Also, do we really want to import the NSPR into Postgres? I suspect not. 
Of course, the only thing that people are tripping over license-wise is 
libpq. But I think we would want to keep that as lean and mean as 
possible, too.

cheers

andrew



pgsql-hackers by date:

Previous
From: "Greg Sabino Mullane"
Date:
Subject: Re: Rare corruption of pg_class index
Next
From: "D. Hageman"
Date:
Subject: 8.2 Crash on Query