Re: [chrony-dev] Experimental NTS support |
[ Thread Index | Date Index | More chrony.tuxfamily.org/chrony-dev Archives ]
On 2019-03-27T14:31+0100, Miroslav Lichvar wrote:
On Wed, Mar 27, 2019 at 08:23:13AM -0500, Lonnie Abelbeck wrote:> On Mar 27, 2019, at 6:22 AM, Miroslav Lichvar <mlichvar@xxxxxxxxxx> wrote: > > I've been working on an implementation of the new NTP public-key > authentication called Network Time Security (NTS). Its specification > will hopefully be finalized in near future. -snip- > Nettle and gnutls development files are needed to build chrony with > NTS support. Hi Miroslav, Will OpenSSL (instead of nettle and gnutls) also be supported down the road ?Probably not. The license of OpenSSL is not compatible with chrony's licensing (GPLv2). Do you see any issues with gnutls?
I must admit CVE-2020-13777 [1] has cooled me down a lot about GnuTLS. OpenSSL 3.0 (currently in alpha stage) will use the Apache License 2.0 which isn’t compatible with the GPLv2. Sigh, what a mess!
[1] https://gitlab.com/gnutls/gnutls/-/issues/1011
Attachment:
signature.asc
Description: PGP signature
Mail converted by MHonArc 2.6.19+ | http://listengine.tuxfamily.org/ |