--On Friday, February 23, 2007 11:10 AM -0800 Howard Chu hyc@symas.com wrote:
Quanah Gibson-Mount wrote:
--On Friday, February 23, 2007 8:11 AM +0000 Gavin Henry ghenry@suretecsystems.com wrote:
Does anyone have Debian contacts to inform them of this, or are they fully aware?
Debian is fully aware. Stanford and The Written Word have hired Symas to implement true GnuTLS support, so that this problem will go away.
Though the wisdom of actually using GNUtls has yet to be established. Personally I would seriously distrust an X.509 implementation written by people who so obviously don't understand X.500. While we'll fix what's obviously broken that we trip over, we weren't tasked with insuring its overall suitability for use.
Understood. One of my co-workers was making the argument to me yesterday, that using GnuTLS is desired because it has a better API than OpenSSL. Personally, I thought one would choose what SSL/TLS implementation to use based on how well it actually follows the specifications....
--Quanah
-- Quanah Gibson-Mount Principal Software Developer ITS/Shared Application Services Stanford University GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html