GnuTLS vs NSS vs OpenSSL - Which TLS library do you prefer?

[xgivolari]

Since many packages give you the choice to pick a single TLS library to support, I am curious which one is the most popular among Gentoo users. Most info on this I could find online is either horribly outdated or just runs down a basic list of features. If you have specific reasons for picking one of them, please share them down below. Thanks!

Note that I chose not to include implementations such as wolfSSL/LibreSSL/mbedTLS, as I don't think they are comparable with the other three in the current GNU/Linux ecosystem.

[szatox]

One important option is missing:
"default"

[figueroa]

No preference.
_________________
Andy Figueroa
hp pavilion hpe h8-1260t/2AB5; spinning rust x3
i7-2600 @ 3.40GHz; 16 gb; Radeon HD 7570
amd64/23.0/split-usr/desktop (stable), OpenRC, -systemd -pulseaudio -uefi

[papu]

i use default openssl, would it be possible to use gnutls instead openssl?
i think not but i'ld like it, by de way i don't really know the differences in characteristics and performance between both hehehe


_________________
"~amd64" --cpu 7700 non-x --DDR5 2x16GB 6000MHz --gpu RX 470

[pjp]

My preference is for the option to choose a single dependency.

~30 installed packages depend on openssl (I didn't check to see if they could use something else).

3 packages depend on gnutls (2 don't allow an alternative; the other appears to be capable of using openssl).
_________________
Quis separabit? Quo animo?

[togooroo]

Personally I prefer mbedtls, it (says) it cares about code quality the most, and I find that an important aspect of a crypto library.