1. 27

  2. 1

    This was actually something I was wondering about for the last several days. I haven’t developed using OpenSSL or anything related to security or networks in the past. But is there no real alternative to OpenSSL? I would be genuinely surprised in this case given that almost every other library has multiple competing implementations.

    1. 2

      GnuTLS is the other open-source TLS implementation. It has its own set of security holes.

      1. 1

        A quick note: OpenSSL has a BSD license. GnuTLS is LGPL. You’re correct, I’m just noting the license differences.

        NSS is also open source (Mozilla/GPL/LGPL licenses).

        1. 1

          I was going to mention the license differences, but I’m not sure how much of a role that plays in deciding to use one or the other. Most software depending on a TLS implementation dynamically link to the shared library, so LGPL shouldn’t be an issue.