1We could add also support for: 2 3* cryptlib (http://www.cs.auckland.ac.nz/~pgut001/cryptlib/ - it is distributed 4 in zip form which doesn't look very business-like, and it lacks manual in a 5 format conviently readable for me; however, they say it is damn fast and very 6 easy to use) 7 8* NSS (http://www.mozilla.org/projects/security/pki/nss/ - it could be pretty 9 widespread and nicely tested by mozilla, however it scares me, it looks to be 10 pretty complex and already needing some certificates db generated etc) 11 12Possibly, we should drop support for native GnuTLS and use their OpenSSL 13wrapper instead, since I happen to feel very unsure about GnuTLS interface - 14OpenSSL is not much better, but we can steal code from other applications ;-). 15 16We should get some certificates managment and mainly _serious_ and _reliable_ 17verification of peers' certificates, including URN checking etc etc. We have 18serious problems with this and I'm not going to learn real OpenSSL (from 19nowhere as I didn't find any usable documentation for OpenSSL) just to fix 20this, sorry; someone else must do this. 21