[Cryptography] GnuTLS -- time to look at the diff.
Peter Todd
pete at petertodd.org
Tue Mar 11 17:45:19 EDT 2014
On Fri, Mar 07, 2014 at 10:58:51AM -0500, Harald Koch wrote:
> On 6 March 2014 05:30, Peter Gutmann <pgut001 at cs.auckland.ac.nz> wrote:
>
> >
> > OTOH the goto mess in the Apple/GnuTLS code is really a sign of a much
> > larger
> > problem in the way that the coding is being done. If you look through the
> > posted GnuTLS code for example it seems pretty undisciplined, hardcoded
> > explicit values, confusion over return values, and all sorts of other
> > things.
> >
>
> This is what happens when the software license is more important than the
> software itself. GnuTLS exists primarily because OpenSSL's license is
> incompatible with (Debian's interpretation of) the FSL, yes?
I wonder what people would have been saying had the bug been in OpenSSL
rather than GnuTLS...
--
'peter'[:-1]@petertodd.org
000000000000004b6cca89a20a6287dd423bbec48d901755dfe888bc9fa948d4
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 685 bytes
Desc: Digital signature
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20140311/e6ccc314/attachment.pgp>
More information about the cryptography
mailing list