[Dnsmasq-discuss] Does DNSSEC require nettle and gmp, or nettle with gmp?
Brad Smith
brad at comstyle.com
Tue Apr 1 17:57:57 UTC 2014
On 01/04/14 1:45 PM, Dave Taht wrote:
> On Tue, Apr 1, 2014 at 9:54 AM, /dev/rob0 <rob0 at gmx.co.uk> wrote:
>> On Tue, Mar 25, 2014 at 07:08:44PM -0400, Alex Xu wrote:
>>> On 25/03/14 07:03 PM, sven falempin wrote:
>>>> my concern of nettle vs openssl is the amount of review and
>>>> testing nettle did get compared to something more widely(!)
>>>> used
>>>
>>> something being used a lot != something being good
>>
>> Absolutely true, but in the context of open source software,
>> especially cryptographic software, more use also tends to mean
>> more code review.
>>
>> I'm not really qualified to judge here what is best; I can only
>> point out what I, as a user, think about it. I'll trust Simon's
>> judgment, but I hope he has considered these concerns.
>
> I have not been tracking this conversation closely, but my own
> take on matters is that I'm opposed to a monoculture of anything...
>
> http://www.abc.net.au/news/2013-08-29/feature-banana/4922208
>
> And thus I enthusiastically support other OSes than linux, other
> dns servers besides bind, and other crypto libraries besides openssl.
I have no problem with not having a monoculture. But provide an
option to support more than one crypto library. Don't assume what
is good for OpenWRT and other embedded OS's is good for everyone
else. That's making a really poor assumption.
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the Dnsmasq-discuss
mailing list