Le mardi, 28 jan 2003, à 08:34 Europe/Paris, Alexander Demenshin a écrit :
On Tue, Jan 28, 2003 at 01:20:01AM +0100, Martin Nilsson (Åskblod) @ Pike (-) developers forum wrote:
One obvious disadvantage with OpenSSL though is that it is written in C, and thus is more likely to have bugs causing security holes.
Also the fact that we should support OpenSSL should help us to support hardware crypto cards that for example OpenBSD supports.
This will allows Roxen users and Caudium users to have intensive SSL3 webservers on their machine with such cards. As Caudium maintainer I was sometimes asked if we support hardware accelerators... My reply was always no because of this reasons.
On other hand, the fact that Pike didn't depends to OpenSSL saved us (Roxen & Caudium) our time in the last bugs / problems we had recently and that was good.
I don't ask to replace Pike SSL with OpenSSL API... I just like to add a separate Cmod and the programmer will make the difference...
/Xavier
-- Xavier Beaudouin - Unix System Administrator & Projects Leader. Please visit http://caudium.net/, home of Caudium & Camas projects O ascii ribbon campaign against html email |\ and Microsoft attachments