On Mon, 23 Jan 2012 09:59:21 -0000, Nick <suckless-dev_AT_njw.me.uk> wrote:
> They may well be examples of things that stunnel can work
> fine with. Wrapper programs can be very handy alternatives
> to building in alternative network functionality (e.g.
> torify), though they tend to play less well with static
> binaries.
>
You can't both statically link to a specific BSD Sockets implementation,
and dynamically choose an implementation. Thus suckless software would use
stdio when possible and pipe to UCSPI, optionally through whatever
compression, encryption (e.g. tcpcrypt) or authentication (e.g. OpenPGP)
you desire.
> More generally, though, I agree, SSL is a good example of a
> security technology which is well worth the additional
> complexity.
>
Doubled. At least where encryption is needed.
--
-,Bjartur
Received on Mon Jan 23 2012 - 20:08:09 CET