[Swan-dev] [cryptography] Announcing Mozilla::PKIX, a New Certificate Verification Library (fwd)

Matt Rogers mrogers at redhat.com
Thu Apr 10 18:06:28 EEST 2014

On Thu, Apr 10, 2014 at 10:40:40AM -0400, Lennart Sorensen wrote:
> On Mon, Apr 07, 2014 at 07:22:51PM -0400, Paul Wouters wrote:
> > wonder if we can use this instead of the legacy x509 code....
> I would prefer avoiding having to maintain yet another crypto library.
> Needing openssl and gnutls26 is enough thank you.  Routers have no need
> to run firefox and hence have no need to have libnss installed, so can
> we try to keep it that way?

Libreswan already depends on NSS for crypto, not openssl.


More information about the Swan-dev mailing list