{"id":503,"date":"2009-01-11T12:07:58","date_gmt":"2009-01-11T11:07:58","guid":{"rendered":"http:\/\/daniel.haxx.se\/blog\/?p=503"},"modified":"2009-01-14T13:48:44","modified_gmt":"2009-01-14T12:48:44","slug":"linux-distros-consolidate-crypto-libs","status":"publish","type":"post","link":"https:\/\/daniel.haxx.se\/blog\/2009\/01\/11\/linux-distros-consolidate-crypto-libs\/","title":{"rendered":"Linux distros consolidate crypto libs"},"content":{"rendered":"<p>For a while already, the <a href=\"http:\/\/fedoraproject.org\/\">Fedora<\/a> distribution has fought battles, done lots of work and pushed for a <a href=\"http:\/\/fedoraproject.org\/wiki\/FedoraCryptoConsolidation\">consolidation<\/a> of all packages that use crypto libs to completely go with <a href=\"http:\/\/www.mozilla.org\/projects\/security\/pki\/nss\/\">Mozilla&#8217;s NSS<\/a>.<\/p>\n<p>Now it seems to be <a href=\"http:\/\/lists.opensuse.org\/opensuse-factory\/2009-01\/msg00010.html\">OpenSUSE&#8217;s turn<\/a>. The discussion I link to here doesn&#8217;t make any definite conclusions but they seem to lean towards NSS as well, claiming it has the most features. I wonder what they base that statement on &#8211; if there&#8217;s a public doc anywhere that state exactly which has what that makes any contender better than any other for them?<\/p>\n<p>In the Fedora case it seems they&#8217;ve focused on the NSS <a href=\"http:\/\/en.wikipedia.org\/wiki\/FIPS_140\">FIPS<\/a> license as the deciding factor but the license issue is also often brought up in this discussion.<\/p>\n<p>I&#8217;ve personally been pondering on writing some kind of unified crypto layer that would expose a single API to an application and handle the different libs as backends, pretty much the same way we do it internally in <a href=\"http:\/\/curl.haxx.se\/libcurl\/\">libcurl<\/a> at the moment. It hasn&#8217;t taken off (or even been started) since I&#8217;ve not had the time nor energy for it yet.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>For a while already, the Fedora distribution has fought battles, done lots of work and pushed for a consolidation of all packages that use crypto libs to completely go with Mozilla&#8217;s NSS. Now it seems to be OpenSUSE&#8217;s turn. The discussion I link to here doesn&#8217;t make any definite conclusions but they seem to lean &hellip; <a href=\"https:\/\/daniel.haxx.se\/blog\/2009\/01\/11\/linux-distros-consolidate-crypto-libs\/\" class=\"more-link\">Continue reading <span class=\"screen-reader-text\">Linux distros consolidate crypto libs<\/span> <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":5,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[7,14,133],"tags":[33,42,44,43],"class_list":["post-503","post","type-post","status-publish","format-standard","hentry","category-curl","category-linux","category-security","tag-curl-and-libcurl","tag-fedora","tag-nss","tag-ssl"],"_links":{"self":[{"href":"https:\/\/daniel.haxx.se\/blog\/wp-json\/wp\/v2\/posts\/503","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/daniel.haxx.se\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/daniel.haxx.se\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/daniel.haxx.se\/blog\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/daniel.haxx.se\/blog\/wp-json\/wp\/v2\/comments?post=503"}],"version-history":[{"count":0,"href":"https:\/\/daniel.haxx.se\/blog\/wp-json\/wp\/v2\/posts\/503\/revisions"}],"wp:attachment":[{"href":"https:\/\/daniel.haxx.se\/blog\/wp-json\/wp\/v2\/media?parent=503"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/daniel.haxx.se\/blog\/wp-json\/wp\/v2\/categories?post=503"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/daniel.haxx.se\/blog\/wp-json\/wp\/v2\/tags?post=503"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}