David Boreham wrote:
> Stephen Frost wrote:
>
>> * David Boreham (david_list@boreham.org) wrote:
>>
>>
>>> Fascinating thread for the holidays. I found it interesting that
>>> nobody has mentioned
>>> NSS (former Netscape SSL library). It has its own bag of problems of
>>> course, but
>>> for me is potentially more attractive than GNU TLS. e.g. it has
>>> FIPS-140 certification
>>> and is actively under development by a software company with
>>> significant resources.
>>> It's also very widely deployed. I'm not saying that OpenSSL is bad
>>> (it'd probably be my
>>> first choice), just that there is another option besides GNU TLS.
>>>
>>
>> Not sure what license that's under,
>>
> From http://www.mozilla.org/projects/security/pki/nss/:
> 'NSS is available under the Mozilla Public License, the GNU General
> Public License, and the GNU Lesser General Public License.'
>
I suspect most postgres developers and companies would like to keep
things as BSDish as possible. Dealing with a multitude of licenses might
be fun for some, but many of us find it a pain in the neck.
Also, do we really want to import the NSPR into Postgres? I suspect not.
Of course, the only thing that people are tripping over license-wise is
libpq. But I think we would want to keep that as lean and mean as
possible, too.
cheers
andrew