For those who aren't familiar with GNU TLS, can you give an brief
description of what it does and its role in the GNU Project?
Nikos Mavroyanopoulos: GNUTLS is a library implementation of the SSL 3.0 and TLS 1.0
protocols. Its purpose is to provide applications an authentication
and encryption layer over an existing transport layer such as TCP/IP.
The authentication part includes implementation of the X.509 certificate
authentication framework, the OpenPGP framework as well as password
authentication with SRP.
Many people will have heard of "SSL", from its use in the web. What
is the difference between "SSL" and "TLS"?
Sometime ago there was no standard in the security protocols of the
internet. SSL 2.0 was the first and de facto standard used by the Netscape
browsers and servers, but there was also Microsoft's PCT 1.0.
The IETF then formed the Transport Layer Security working group
whose purpose was to create a single protocol for the internet.
The TLS working group's first protocol was called TLS 1.0, and was
based on the last protocol issued by Netscape, SSL 3.0.
In brief they are almost the same thing, with TLS 1.0 being an updated
version of SSL 3.0.
There are some as existing implementations of SSL, such as SSLeay or
OpenSSL. What are the differences between GNU TLS and these packages?
OpenSSL and SSLeay can be seen as the same thing, since OpenSSL is the
continuation of the SSLeay library. They are both very good SSL and
TLS toolkits, and have a long history behind them. Their license
however contains an advertising clause which is incompatible with the
GNU GPL. This was the reason that made the GNU project seek for an
alternative TLS implementation. Other than that, the purpose of
OpenSSL and GnuTLS is the same, that is to provide applications a
Can you tell us a little about the history of the GNU TLS project and
the people involved?
Sometime after I've volunteered to work for the FSF I've been
contacted by Werner Koch (the gnupg author), who asked whether I could
create an SSL implementation for the GNU project. It seemed quite a
huge project for me then, but I agreed anyway. Together with Tarun
Upadhyay we started gnutls in February 2000.
In about a year later a first prerelease was available. At that time
the project had almost reached a dead end since Tarun had quit, and the
certificate part which was required for a proper release was inexistent.
In order to start coding the certificate part, I desperately needed
an ASN.1 DER parser which was not available at that time.
That was the time that Fabio Fiorina offered to help, and about in May
2001 he contributed an excellent ASN.1 library (now called libtasn1).
That library offered a boost in gnutls' development and within the
summer we had some alpha releases of gnutls called 0.2.x with X.509
certificate support. We had hopefully escaped the dead-end.
An idea to use OpenPGP keys in TLS instead of X.509 certificates,
was carried out by Timo Schulz who offered to help, in February 2002.
Thanks to his fine opencdk library and his help now gnutls has
support for OpenPGP keys, as an alternative to X.509 certificates.
In July 2002 Andrew McDonald contributed an OpenSSL compatible
interface which is included in gnutls since then.
We finally released gnutls 1.0.0, the first version to be considered
as stable, in December 2003.
Are there any GNU programs which don't use TLS currently, that you
would like see converted to use it?
Well gnutls was mostly tested in server applications, so I'm
now more interested into seeing more feedback from client applications.
If somebody wants to use GNU TLS in an existing networked application
communicating over standard unix sockets is it complicated to do that?
I tried to make the porting of existing network applications as painless
as possible. The TLS part was built with the Berkeley sockets as
a model, so network programmers find it familiar. Of course someone
shouldn't expect the API to be exactly like the Berkeley functions,
since gnutls offers features, that do not exist in TCP/IP. A basic
knowledge of public key infrastructure is also needed in order to
understand why some steps are needed.
I have a lot of passwords for different websites and mailing lists.
How difficult would it be to use TLS to eliminate the need for the
usernames/passwords on websites, by identifying users by a certificate
instead of a password? Is this something that could easily be added
into programs such as Mailman?
Yes, web-based programs could benefit heavily from the certificate
authentication provided by the TLS layer. A user can be fully
identified by a certificate permanently stored in his browser. But
such an infrastructure is not easy to deploy, since it requires a
centralized certification authority. That authority would need
resources for the purpose of user's certificate issuing, updating,
An alternative decentralized solution could be the usage of openpgp
keys, for TLS authentication. That way a user could be authenticated by
sending his existing openpgp key. This kind of authentication is
currently implemented only in gnutls but I hope that other TLS
implementations would follow.
Do you have any plans to offer commercial support for GNU TLS?
Currently I have no such plans.
What is your background as a developer? How did you become active in
GNU TLS and free software?
I've started coding when I learned C++ and C, back in 1996, in high
school, after I got my first GNU/Linux distribution.
I wanted to fix and change things in the programs I used, so I bought
some books on programming. I was quite impressed by my distribution
(it was a slackware), because the source code of the programs I used, existed
so I could change things the way I liked!
While in the university I've read about cryptography, and as
a result I've created the cryptographic libraries mcrypt and mhash.
GnuTLS came some years later. The first testbed of gnutls was hydra,
an http server, which I've created. During these years I've also worked for
a proprietary software company in Greece.
Is there any story behind how you became a supporter of the free
More or less it's the same story that made me be engaged in programming.
Having software to study, and compiler tools available in the
operating system I used, was an idea I liked, so I became a
supporter of the free software philosophy.
Security is a big issue today. From your experience of working on GNU
TLS do you have any thoughts you'd like to share with other
Well, the fact is that it takes a lot of time to create software
to be called secure, and despite that you can never be certain of providing the
advertised security. Unfortunately there is no such proof of security,
so you can only rely on the process that creates the software, and to a
process of auditing.
Do you have any ideas on how we can move to a more secure
infrastructure, both for free software development and for general
users of the internet?
Those are really difficult problems to deal with in the internet,
since it is a very large network, and changes in the basic
infrastructure usually take years to be accomplished. Authentication
and especially a decentralized one, such as the OpenPGP's web of trust
may help controlling the number of messages originating from unknown
sources. However I'm not quite involved in the Internet Mail working
groups, and do not know whether authentication has practical problems.
Software development as a process has little to gain by using
cryptographic protocols. The most important advantage, is for the
user's of software, since the introduction of cryptographic protocols
ensures privacy. This is too important for applications running in
networks like the internet, which was not designed to offer privacy.
One problem I've found with signed packages is that it's difficult to
get a web of trust which connects everyone, even though the free
software community is relatively small, so I usually have no way of
verifying a signature. Is it possible to use the tools in GNU TLS for
"code-signing" with certificates issued by a Certificate Authority?
Gnutls' tools do not offer this capability but as far as I know the
new generation of gnupg will be providing such features. However, the
problems you described will not be solved just by changing to X.509
Developers who sign releases with openpgp keys that are not signed by
any other people, would probably use an X.509 certificate that is
self-signed. The correct use of the given infrastructure is on the
developer, and not in the infrastructure itself. Both protocols could
be misused. In the web of trust case it might be better to notify
such developers that their key could not be trusted.
Also the X.509 infrastructure has the drawback that requires a
centralized authentication systems which do not fit to the
decentralized development model that free software projects use.
If somebody wants to learn more about GNU TLS are there any books or
tutorials that you would recommend?
Currently there is only the gnutls manual which is included in the
distribution but also available online at GNU.org.
I've tried to make it a good manual, but it still needs work.
Thanks for taking the time for this interview and for your work on
Thank you too.