Re: A couple of questions and concerns about Emacs network security

[Stefan Monnier]

> In spite of the name "gnu" in "gnutls", gnutls is not FSF or Gnu
> software. I think Emacs should be using OpenSSL, as it is a much
> better maintained library.

I don't have a strong preference either way, but I've heard the above
argument combined with arguments of security, but AFAIK gnutls is still
maintained and its security track record is no worse than that
of OpenSSL.

IOW someone really concerned about security would likely choose
something else than OpenSSL or gnutls.  E.g. something not written in
a language that makes it hard to write safe code, for instance.


        Stefan