Bug#733295: gnutls-bin: please compile GnuTLS with DANE support
ametzler at bebt.de
Sat Dec 28 12:45:20 UTC 2013
tags 733295 wontfix
On 2013-12-28 Marius Gavrilescu <marius at ieval.ro> wrote:
> Package: gnutls-bin
> Version: 188.8.131.52-2
> Severity: wishlist
> GnuTLS is currently built without DANE support.
> [10:49:17] 0 marius at mgvx:~$ danetool --check=www.nic.cz
> This functionality was disabled (GnuTLS was not compiled with support for DANE).
libdane requires and links against libunbound. libunbound OTOH is
linked against OpenSSL's libssl on Debian. Therefore libdane and
any program using it ends up being dynamically linked against both
libssl (OpenSSL license) and GnuTLS (LGPLv3+ via gmp).
The result is not very useful, since it is e.g. GPL-incompatible (even
danetool(1) is GPLv3+). Apart from that it is more than a little bit
ugly that libdane customers end up being linked against two different
major TLS toolkits.
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'
More information about the Pkg-gnutls-maint