[exim-dev] [Bug 1523] DANE support under GnuTLS

トップ ページ
このメッセージを削除
このメッセージに返信
著者: Andreas Metzler
日付:  
To: exim-dev
題目: [exim-dev] [Bug 1523] DANE support under GnuTLS
------- You are receiving this mail because: -------
You are on the CC list for the bug.

http://bugs.exim.org/show_bug.cgi?id=1523




--- Comment #1 from Andreas Metzler <eximusers@???> 2014-09-02 18:04:23 ---
On 2014-09-02 Jeremy Harris <jgh146exb@???> wrote:
> EXPERIMENTAL_DANE only works with an OpenSSL build.
> We should do a GnuTLS implementation also.


> Viktor has, I think, opined that the builtin support
> in GnuTLS for DANE is insufficient; possibly we should
> try to use the same library (basically Viktor's code)
> for both.


Just as a data point:

GnuTLS DANE support is currently not used a lot since it requires
unbound which in turn requires one of the other two big SSL toolkits
(NSS or OpenSSL). That is why we are not shipping the library in
Debian yet.

That is supposed to change, though, see
<http://lists.gnutls.org/pipermail/gnutls-devel/2014-July/007039.html>

cu Andreas


--
Configure bugmail: http://bugs.exim.org/userprefs.cgi?tab=email