| This article has multiple issues. Please help improve it or discuss these issues on the talk page. | This article needs additional citations for verification. Please help improve this article by adding citations to reliable sources. Unsourced material may be challenged and removed. (March 2011) |
|
GnuTLS (pron.: /ˈɡnuː ˌtiː ˌɛl ˈɛs/, the GNU Transport Layer Security Library) is a free software implementation of the SSL, TLS and DTLS protocols. It offers an application programming interface (API) for applications to enable secure communication over their network transport layer, as well as interfaces to access X.509, PKCS #12, OpenPGP and other structures. Although originally created for the GNU project, it became dissociated with it on the 10th of December 2012.[2]
Features
GnuTLS consists of a library that allows client applications to start secure sessions using the available protocols, as well as of a few command-line tools, including an X.509 certificate manager, test client and server, random key and password generators. As of 2011[update] Apache web server can be configured to use GnuTLS so as to support TLS 1.2.[3]
GnuTLS has the following features:
- SSL 3.0, TLS 1.0, TLS 1.1, TLS 1.2 protocols
- Datagram TLS (DTLS) 1.0
- Secure remote password protocol (SRP) for TLS authentication
- Pre-shared key (PSK) for TLS authentication
- X.509 and OpenPGP certificate[4] handling
- CPU assisted cryptography and cryptographic accelerator support (/dev/crypto only, no AF ALG), VIA PadLock and AES-NI instruction sets[5]
- Support for smart cards and for hardware security modules
- Storing cryptographic keys in the system's Trusted Platform Module (TPM)
License and motivation
The GnuTLS library is licensed under the GNU Lesser General Public License; included applications are licensed under the GNU General Public License.
GnuTLS was initially created to allow applications of the GNU project to use secure protocols such as TLS. Although OpenSSL already existed, OpenSSL's license is not compatible with the GPL;[6] thus software under the GPL, such as GNU software, could not use OpenSSL without making a GPL linking exception.
The list of software packages using GnuTLS includes GNOME, CenterIM, Exim, Weechat, Mutt, slrn, Lynx, CUPS and gnoMint.[7]
See also
- CyaSSL
- PolarSSL
- Network Security Services
- Perbandingan -- TLS Implementations
References
External links
|
---|
| History | | |
---|
| Licenses | |
---|
| Software | |
---|
| Public speakers | |
---|
| Other topics | |
---|
|