[gnutls-dev]thoughts on the gnutls API

Nikos Mavroyanopoulos nmav at gnutls.org
Tue Nov 26 12:32:01 CET 2002


Currently the gnutls API is quite stabilized, although there
are still some points that may need to be reconsidered.

The gnutls api now includes, the required to handle TLS sessions,
plus some limited functionality to parse X.509 and OpenPGP certificates.
This was helpful at the begining where there was no GPL compatible
library to handle certificates, but now I think that it is questionable
if this is still needed.

That is because libksba of project aegypten can now handle x.509
certificates and CRLs. So my current plan is to make all the
x509 certificate handling stuff, wrap over the libksba, to avoid
maintaining/generating duplicate code[0]. This will probably be in
the next major release. Are there any suggestions or comments
about that?

[0]. And for advanced certificate handling, gnutls documentation will 
reference directly libksba, and opencdk for certificate handling.

Nikos Mavroyanopoulos

More information about the Gnutls-devel mailing list