SSL is another issue. We are (were at least) discussing crypto libraries. And 7.2 was released over three years ago, so it's not really fair to use in any comparision (though I don't say that SSL has no problems).
/ Martin Nilsson (saturator)
Previous text:
2004-02-26 16:25: Subject: Re: Nettle
Martin Nilsson (saturator) @ Pike (-) developers forum wrote:
Because we would like something small, fast and bugfree. I honestly believe that "What is the best product" is more interesting than "What is the most common product". You don't chose Pike because it is common.
There is also a licence problem I think. OpenSSL is an Apache style licence and Pike is LGPL/Mozilla/GPL.
About OpenSSL in Pike, there is a Pexts for it so that you can use it in Pike. Now I don't agree that Pike SSL must be qualified as "the best product" or even better than OpenSSL, it's not usuable for a production environnement (at least in Pike 7.2): breaks with IE, slow and doesn't support lot of things. Honestly I would prefer to have an openssl based server than nothing.
Besides I don't think it's good to spend too much time reinventing the wheel and maintaining it (for the SSL/TLS protocol part). There are good libraries out there (Mozilla NSS or Gnutls for example) which could propably be used and that will make Pike SSL faster with more features and would require less maintenance in the long run IMHO. For the user Mozilla NSS will always be a better product that Nettle/Pike SSL unless you spend 6 months in Pike SSL (adding TLS, hardware accel, docs, extensive tests, smart session cache,...).
Just my 0.02.
/ David Gourdelier
/ Brevbäraren