GNU TLS README -- Important introductory notes. Copyright (C) 2004 Simon Josefsson Copyright (C) 2000, 2001, 2002, 2003, 2004 Nikos Mavroyanopoulos See the end for copying conditions. This is the GNU TLS library. More up to date information can be found at http://www.gnu.org/software/gnutls/ and http://www.gnutls.org/ This is a TLS (Transport Layer Security) 1.0 and SSL (Secure Sockets Layer) 3.0 implementation for the GNU project. - The library needs libgcrypt. You can find libgcrypt at ftp://ftp.gnupg.org/pub/gcrypt/alpha/libgcrypt/ Note that by compiling libgcrypt with CPU optimizations gnutls' speed will increase. - For OpenPGP key support the OpenCDK library is required. You can find libopencdk at: ftp://ftp.gnutls.org/pub/gnutls/opencdk/ - Documentation: view the doc/ directory and the examples in the doc/examples directory. **************************** COMPILATION ISSUES: Nothing special here. In case you are compiling for embedded systems you should check the configure options (that is run: 'configure --help'), and disable unneeded features of gnutls. Experimental: If you specify --with-nettle, the copy of some files from Nettle that are included in nettle/ will be used. It is used via the generic crypto interface in crypto/, which would normally invoke Libgcrypt. Currently the generic crypto interface only support secret key ciphering, hashing and gathering of random data. Supporting RSA/DSA/DH/SEXP/MPI in the generic crypto interface is pending. As Nettle do not include a randomness gatherer, if --with-nettle is specified, random data will be read from system device files (e.g., /dev/urandom) directly. The files used are printed when running configure, you can override them using --enable-random-device, --enable-pseudo-random-device, and --enable-nonce-device. Please let us know if the defaults for some systems are wrong. The goal here is to make GnuTLS build standalone, in case Libgcrypt is not available, but also to allow easy use of other crypto libraries or crypto hardware. **************************** LICENSE ISSUES: Since the 0.4.2 version the gnutls library is covered under the GNU Lesser GPL. Previously released versions were licensed under the GNU GPL. We changed the license for most of GNUTLS because other free libraries already exist that do the same jobs and have lax licenses. We want GNUTLS to be usable in all the same places as those other libraries. We kept some parts of GNUTLS under the GPL because they are unique, and with the GPL they provide free software projects (which deserve our help) an advantage over non-free projects (which do not deserve our help, since they refuse to share with us). For more explanation, see http://www.gnu.org/philosophy/why-not-lgpl.html. The GNU Lesser GPL license applies to the main gnutls library, while the gnutls-extra library is under the GPL. The gnutls-extra library contains the code for the "OpenPGP key" support and the OpenSSL compatibility layer. The gnutls library is located in the lib/ directory, while the gnutls-extra library is at libextra/. **************************** BUGS: Currently gnuTLS needs a lot of testing. By notifying the developers about a possible bug you may help a lot, since testing is really important and expensive. If you think you found a bug, report it to bug-gnutls@gnu.org, together with the needed information, in order for developers to reproduce it. ---------------------------------------------------------------------- Copying and distribution of this file, with or without modification, are permitted in any medium without royalty provided the copyright notice and this notice are preserved.