Bruce Momjian <bruce@momjian.us> writes:
> Keep in mind it took years to get OpenSSL support up to the level we
> have it now. It took SSL experts coming in and out of our development
> process to get it 100% feature-complete.
Actually, it's *not* feature-complete even yet.
What basically bothers me about this is that trying to support both the
OpenSSL and GNUTLS APIs is going to be an enormous investment of
development and maintenance effort, because it's such a nontrivial thing
to use properly. It sticks in my craw to be doing that work for no
technical reason, only a license-lawyering reason; and not even a
license issue that everyone is convinced is real.
regards, tom lane
