[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SHA, MD, and openssl

From: Ted Zlatanov
Subject: Re: SHA, MD, and openssl
Date: Sun, 08 Dec 2013 17:46:09 -0500
User-agent: Gnus/5.130008 (Ma Gnus v0.8) Emacs/24.3.50 (gnu/linux)

On Sun, 08 Dec 2013 13:01:40 -0800 Paul Eggert <address@hidden> wrote: 

PE> Eli Zaretskii wrote:
>> However, isn't it true that openssl has some legal "issues" with
>> patents and with its license, and shouldn't we prefer libnettle for
>> those reasons?

PE> I'm not aware of any patent issues for SHA or MD5.
PE> As for as license, Emacs is linking against a library
PE> that is normally distributed with the major components of
PE> the operating system, so that part of the GPL applies.

PE> It'd make sense for Emacs to use gnutls, nettle, libgcrypt,
PE> etc. if available and if the performance is good.
PE> This has been suggested on the gnulib list and patches
PE> along those lines would be gratefully accepted.
PE> See, for example:

PE> http://lists.gnu.org/archive/html/bug-gnulib/2013-12/msg00024.html
PE> http://lists.gnu.org/archive/html/bug-gnulib/2013-12/msg00026.html
PE> http://lists.gnu.org/archive/html/bug-gnulib/2013-12/msg00036.html

I wrote the full integration with libnettle+libhogweed as a patch (with
tests, and bringing in all the interesting ciphers).  It later turned
out that GnuTLS, already a requirement, exposes all that at the C level
in passthrough functions, so libnettle and libhogweed are not even a
requirement.  But that's an implementation detail, since GnuTLS requires
libnettle and libhogweed anyway.

Stefan rejected the patch because he wants to move the GnuTLS
integration to a FFI layer[1].  I don't know when I'll have time to
implement that myself so any help is welcome.


[1] https://lists.gnu.org/archive/html/emacs-devel/2013-10/msg00168.html

reply via email to

[Prev in Thread] Current Thread [Next in Thread]