[Kea-users] Botan vs. OpenSSL dependency for Kea
Tomek Mrugalski
tomasz at isc.org
Thu Mar 3 23:01:28 UTC 2016
On 03.03.2016 23:35, Adam Majer wrote:
> The configure script seems to prefer Botan over OpenSSL. I'm uncertain
> if this is intentional or arbitrary.
That's due to historical reasons. During the BIND10 days the only
supported library was Botan. It was pointed many times that Botan is
much less popular library, compared to OpenSSL and requiring Botan was
considered annoyance by many. So we added OpenSSL support as an alternative.
> Is there any benefit of using Botan over OpenSSL with Kea, aside of
> reduced dependency list? Is one crypto backend better tested?
Kea is tested with both Botan and OpenSSL. I presume OpenSSL as a
library, being much more popular is also better tested.
On the other hand, sometimes it is useful to use less common library.
During the heartbleed bug panic, Kea users were not affected as they
were relying on Botan.
Tomek
More information about the Kea-users
mailing list