Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×
Security

OpenSSL or CDSA for Portable TLS? 11

Posted by Cliff from the minimizing-work-at-the-source-level dept.
bfrog asks: "I'm looking for a portable C/C++ client & server TLS library for Windows, Linux, Solaris, and Mac OS X. The license must be commercial-code-friendly. It seems like the choices are: the old standby OpenSSL; or CDSA . Apple makes a convincing argument for CDSA over OpenSSL in this PDF document , but I'm having trouble finding a mature CDSA implementation that's ready to go on all of these platforms. Perhaps I should use the best CDSA implementation for each given platform, and hope that the API's are compatible. That is, after all, the point of CDSA, right? Any suggestions?"
This discussion has been archived. No new comments can be posted.

OpenSSL or CDSA for Portable TLS? More

OpenSSL or CDSA for Portable TLS?

Comments Filter:
  • CDSA is another attempt by Apple to drain developers and users from truely open solutions, gaining them free development work on the one hand and lock-in on the other.
    • Actually it is Intel that is doing it, as Apple's source is based on Intel's.
    • I linked to an open source CDSA project on Freshmeat, which you're too lazy to look at. That, or you're simply spreading FUD. To save you the effort of clicking, the CDSA 2 project supports the following operating systems according to Freshmeat:.

      Operating System :: Microsoft, Microsoft :: Windows, Microsoft :: Windows :: Windows 95/98/2000, Microsoft :: Windows :: Windows NT/2000, OS Independent, POSIX, POSIX :: AIX, POSIX :: HP-UX, POSIX :: Linux, Unix
      • "I'm having trouble finding a mature CDSA implementation that's ready to go on all of these platforms." This would suggest that usable multi-platform support does not actually exist, despite the "CDSA 2" project page on freshmeat claims to the contrary.
    • Well, Intel and Apple. Notice that the license is "OSI approved" rather than GPL? This means that code contributed to the CDSA can be pulled into closed source projects, unlike OpenSSL code which must remain free.

      Avoid at all costs, I say.
  • Have you considered using the mozilla security libs? I know they are cross platform for one and I'm pretty sure you can just use them without linking to the entire beast. (Evolution uses NSS for S/MIME, SSL and TLS)
    • I'm working on using NSS for a web server SSL module project. It was brought to my attention by someone that OpenSSL is good for a web server but not for a web server or web client that needs to support client certificate chaining and online certificate revocation checking. Those two requirements are on the hot list of this project.

      The only think about NSS that worries me is the Netscape Portable Runtime part and how well it works with our own threaded runtime.

      Kris
  • Doesn't look like a very convincing case to me.

    Dave

Slashdot Top Deals

To the systems programmer, users and applications serve only to provide a test load.

Close