On 12/03/2013 03:44 PM, Eric Blake wrote: > > Libvirt would prefer a solution that uses nettle, at least when used in > RHEL.
Correction: libvirt would prefer a solution that uses gnutls, and could
live with a solution that uses openssl. Certification-wise, indirect
use of nettle via gnutls is fine, but direct use of either nettle or
libgcrypt raises eyebrows at Red Hat.
>
> if we have --enable-crypto={basic|nettle|openssl|gcrypt}, then distro
> packagers can choose WHICH library they want to drag in, rather than
> forcing a binary decision of using or avoiding a single library.
Does gnutls also expose enough low-level crypto to be added to the list
of libraries providing optimized crypto hashing?
--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
signature.asc
Description: OpenPGP digital signature
