[rsyslog] openssl vs rsyslog
Michael Biebl
mbiebl at gmail.com
Mon Mar 31 21:18:33 CEST 2008
2008/3/31, seth vidal <skvidal at fedoraproject.org>:
> > A prominent example of a project using GnuTLS is e.g. samba (if it's
> > highly threaded, I don't know). OpenLDAP in Debian also uses GnuTLS.
> > A prominent example of a project using NSS is mozilla/firefox/thunderbird.
> >
> > I think the more widely used library is GnuTLS. I really don't have
> > that much experience with either of these libraries, so it's hard to
> > give a recommendation.
> >
>
>
> the library that a lot of folks inside red hat and fedora are driving
> people to is the mozilla nss library. It handles all the bits openssl
> does and w/o the licensing problems.
Interesting to know. Do you know any technical advantages of NSS over
GnuTLS (stability, features, nicer API, etc)?
At least on Debian I had the impression that GnuTLS was the preferred solution.
E.g. samba, openldap and exim4 are originally using openssl but
contain a patch to use GnuTLS in Debian.
One reason might be, that libgnutls is quite a bit smaller:
gnutls: installed size (on i386): 920 kb [1]
libnss3: installed size (on i386): 2472 kb, also requires the netscape
portable runtime library libnpr (588 kb) => ~3Mb [2]
Which imho is a plus for GnuTLS.
[1] http://packages.debian.org/sid/libgnutls26
[2] http://packages.debian.org/sid/libnss3-1d
--
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?
More information about the rsyslog
mailing list