Michal wrote:
On Wed, Jan 20, 2010 at 10:52 AM, corvid <corvid@lavabit.com> wrote:
A few hours ago, I started to wonder how much trouble it would be to make https.c understand gnutls instead of openssl.
The answer is: If you borrow liberally from the public domain code in ? ? ? ? ? ? ? the gnutls manual, then not very much!
So here's a toy for anyone who would like one: ?http://www.dillo.org/test/gnutls.0.patch
What about NSS?
https://fedoraproject.org/wiki/FedoraCryptoConsolidation
It might bring even more (FIPS) compared to gnutls.
Does gnutls lack it because it requires paying $$ and/or infinite bureaucratic hurdles, or is it a technical matter? The NSS documentation seems to say that applications would no longer have to know where a file full of certificates is because that would all be taken care of by NSS in some centralized thing. Is that the case? _That_ would definitely appeal to me.