On 28/02/2013 14:17, Timo Sirainen wrote:
On 27.2.2013, at 23.15, Charles Marcus CMarcus@Media-Brokers.com wrote:
Just curious if you ever thought about supporting other than just OpenSSL?
PolarSSL looks really interesting, has no major dependencies and is very lightweight compared to OpenSSL, GNUTLS or others...
I guess it could be a lot of work, or not, anyway, I'm just curious… I initially tried to support both OpenSSL and GNUTLS, and it was a lot of work. I'm not really looking forward to that again :) But I guess after v2.3 the Dovecot's lib-ssl-iostream API might become stable enough that other backends could be implemented just once without having to keep changing them..
I believe the high profile user of polarssl is the Dutch government who have approved OpenVPN + PolarSSL for use. (The point being that openssl is just too huge to audit for security)
Ed W