Package: exim4 Version: 4.63-17 Severity: normal Hello,
The subject pretty much says it all. I see that there are a half dozen TLS related bugs open in the BTS about odd failures that will most likely disappear if you use the more robust implementation. Additionally, openssl uses less system entropy for the same cryptographic strength (there go your bugs about the gnutls random seed) and most importantly for me, openssl actually supports full certificate chain lookups, so you can be guaranteed that this cert was signed was signed by that ca. gnutls does not, to the best of my knowledge. I fully understand the desire to assist gnutls, but until it provides a comparable feature set at a comparable performance level, I think that the default MTA in Debian could do slightly better. It's not as if there's a licensing issue - there is an explicit excemption for openssl. Ordinarily I would make a 'please do such and such in the packaging' bug severity: wishlist, but given how many other open bugs appear to be directly related to this choice, and how far gnutls is from providing some fairly crucial features, I think that wishlist is too low a priority. That being said, I am not interested in BTS ping pong and won't argue if you decide to downgrade the bug. Thanks, -- System Information: Debian Release: 4.0 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18-5-686 Locale: LANG=en_US.utf-8, LC_CTYPE=en_US.utf-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.utf-8) -- ----------------------------------------------------------------- | ,''`. Stephen Gran | | : :' : [EMAIL PROTECTED] | | `. `' Debian user, admin, and developer | | `- http://www.debian.org | -----------------------------------------------------------------
signature.asc
Description: Digital signature
