GnuTLS
Developer(s) | Nikos Mavrogiannopoulos Simon Josefsson |
---|---|
Stable release | 3.8.2 (November 15, 2023[1]) |
Repository | |
Written in | C |
Operating system | Multi-platform |
Type | Security library |
License | LGPLv2.1+ |
Website | gnutls |
GnuTLS (/ˈɡnuː ˌtiː ˌɛl ˈɛs/, the GNU Transport Layer Security Library) is a free software implementation of the SSL, TLS and DTLS protocols. It offers an application programming interface (API) for applications to enable secure communication over their network transport layer, as well as interfaces to access X.509, PKCS #12, OpenPGP and other structures. Although originally created for the GNU Project, its maintainer disassociated it from GNU in December 2012 after disputes with the Free Software Foundation over certain policies.[2]
Features
GnuTLS consists of:
- a library that allows client applications to start secure sessions using the available protocols
- command-line tools, including:
  - an X.509 certificate manager
  - test client and server
  - random key and password generators
As of 2011, administrators can configure the Apache web server to use GnuTLS in order to support TLS 1.2.[3]
GnuTLS has the following features:
- SSL 3.0, TLS 1.0, TLS 1.1, TLS 1.2 protocols
- Datagram TLS (DTLS) 1.0, 1.2
- Secure remote password protocol (SRP) for TLS authentication
- Pre-shared key (PSK) for TLS authentication
- X.509 and OpenPGP certificate[4] handling
- CPU assisted cryptography and cryptographic accelerator support (/dev/crypto), VIA PadLock and AES-NI instruction sets[5]
- Support for smart cards and for hardware security modules
- Storage of cryptographic keys in the system's Trusted Platform Module (TPM)
License and motivation
The GnuTLS library is licensed under the GNU Lesser General Public License; included applications use the GNU General Public License.
GnuTLS was initially created to allow applications of the GNU Project to use secure protocols such as TLS. Although OpenSSL already existed, OpenSSL's license is not compatible with the GPL;[6] thus software under the GPL, such as GNU software, could not use OpenSSL without making a GPL linking exception.
Deployment
Software packages using GnuTLS include(d):
See also
- Comparison of TLS implementations
- wolfSSL (previously CyaSSL)
- mbed TLS (previously PolarSSL)
- Network Security Services
References
1. "The GnuTLS Transport Layer Security Library". Retrieved 4 December 2023.
2. Nikos Mavrogiannopoulos (2012-12-18). "gnutls is moving". Retrieved 2012-12-11.
3. The GNU Transport Layer Security Library
4. RFC 6091
5. The GnuTLS Transport Layer Security Library
6. Mark McLoughlin (2004-06-22). "The OpenSSL License and The GPL". Retrieved 2011-04-06.
7. "GnuTLS - GNU Project - Free Software Foundation (FSF)". Free Software Foundation. 22 May 2010. Archived from the original on 31 May 2010. Retrieved 25 January 2015.
External links
- Official website
- GNU Friends - An Interview with GNU TLS developer Nikos Mavroyanopoulos — a 2003 interview
- Fellowship interview with Simon Josefsson — a 2009 interview