[Cryptography] GnuTLS -- time to look at the diff.

Peter Todd pete at petertodd.org
Tue Mar 11 17:45:19 EDT 2014

On Fri, Mar 07, 2014 at 10:58:51AM -0500, Harald Koch wrote:
> On 6 March 2014 05:30, Peter Gutmann <pgut001 at cs.auckland.ac.nz> wrote:
> >
> > OTOH the goto mess in the Apple/GnuTLS code is really a sign of a much
> > larger
> > problem in the way that the coding is being done.  If you look through the
> > posted GnuTLS code for example it seems pretty undisciplined, hardcoded
> > explicit values, confusion over return values, and all sorts of other
> > things.
> >
> This is what happens when the software license is more important than the
> software itself. GnuTLS exists primarily because OpenSSL's license is
> incompatible with (Debian's interpretation of) the FSL, yes?

I wonder what people would have been saying had the bug been in OpenSSL
rather than GnuTLS...

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 685 bytes
Desc: Digital signature
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20140311/e6ccc314/attachment.pgp>

More information about the cryptography mailing list