1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
|
#include 'common.wml' page="Overview"
<table class="transparent" border="0" cellspacing="1" width="100%">
<tr><td>
<p>
Welcome to <i>GnuTLS</i> project pages
</p>
<ul>
<li><a name="overview"><b>Overview</b></a>
<p> GnuTLS is a secure communications library implementing the <a href="http://datatracker.ietf.org/wg/tls/charter/">SSL, TLS and DTLS protocols</a>
and technologies around them. It provides a simple C language application programming interface (API)
to access the secure communications protocols as well as APIs to parse and
write X.509, PKCS #12, OpenPGP and other required structures. It is
aimed to be portable and efficient with focus on security and interoperability.
</p></li>
<li><a name="features"><b>Features</b></a>
<ul>
<li>Support for <a href="http://tools.ietf.org/html/rfc5247">TLS 1.2</a>, TLS 1.1, TLS 1.0, and SSL 3.0 protocols</li>
<li>Support for <a href="http://tools.ietf.org/html/rfc6347">DTLS 1.2</a>, and DTLS 1.0, protocols</li>
<li>Support for certificate path validation, as well as <a href="http://www.gnutls.org/manual/html_node/Verifying-a-certificate-using-DANE.html#Verifying-a-certificate-using-DANE">DANE</a> and <a href="http://www.gnutls.org/manual/html_node/Verifying-a-certificate-using-trust-on-first-use-authentication.html#Verifying-a-certificate-using-trust-on-first-use-authentication">trust on first use</a>.</li>
<li>Support for the <a href="http://www.gnutls.org/manual/html_node/OCSP-certificate-status-checking.html">Online Certificate Status Protocol (OCSP)</a>.</li>
<li>Support for multiple certificate types including X.509 and <a href="openpgp.html">OpenPGP</a> certificates.</li>
<li>Support for public key methods, including RSA and Elliptic curves, as well as password and key authentication methods such as <a href="http://www.gnutls.org/manual/html_node/Authentication-using-SRP.html#Authentication-using-SRP">SRP</a> and <a href="http://www.gnutls.org/manual/html_node/Authentication-using-PSK.html#Authentication-using-PSK">PSK</a> protocols.</li>
<li>Support for all the strong encryption algorithms, including AES and Camellia.
<li>Support for CPU-assisted cryptography with VIA padlock and AES-NI instruction sets.
<li>Support for cryptographic accelerator drivers via <a href="http://www.cryptodev-linux.org/">/dev/crypto</a>.
<li>Supports natively <a href="http://www.gnutls.org/manual/html_node/Smart-cards-and-HSMs.html#Smart-cards-and-HSMs">HSMs and cryptographic tokens</a>, via PKCS #11 and the <a href="http://www.gnutls.org/manual/html_node/Trusted-Platform-Module.html#Trusted-Platform-Module">Trusted Platform Module (TPM)</a>.</li>
<li>Runs on most Unix platforms and Windows.</li>
</ul>
</li>
<li><a name="license"><b>License</b></a>
<p>The core library licensed under
the <a href="http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html">GNU
Lesser General Public License version 2.1</a> (LGPLv2.1+). The
LGPL license is compatible with a wide range of free licenses,
and even permit you to use GnuTLS in non-free proprietary
programs. </p> </li>
</ul>
<ul>
<li><a name="documentation"><b>Documentation:</b></a>
<p>
You can obtain <a href="http://www.lulu.com/shop/nikos-mavrogiannopoulos-and-simon-josefsson/the-gnutls-manual/paperback/product-18963264.html">
GnuTLS' manual at lulu.com</a> or download
<a href="$(path)documentation.html">any of the electronic formats</a>.
</p>
</ul>
<p>
For more information on GnuTLS features, see the <a
href="https://en.wikipedia.org/wiki/Comparison_of_TLS_Implementations">
wikipedia article comparing different TLS implementations</a>.
</p>
</td>
<td>
<div class="emph-box">
#include 'rawnews.wml' MAX_NEWS=4 TABLE_CLASS=news-transparent
</div>
</td>
</tr>
</table>
#include 'bottom.wml'
|
