The GNU Transport Layer Security Library
[Overview]

GnuTLS is a project that aims to develop a library which provides a secure layer, over a reliable transport layer. Currently the GnuTLS library implements the proposed standards by the IETF's TLS working group.

Quoting from the TLS protocol specification:

"The TLS protocol provides communications privacy over the Internet. The protocol allows client/server applications to communicate in a way that is designed to prevent eavesdropping, tampering, or message forgery."

The core library licensed under the GNU Lesser General Public License version 2.1 (LGPLv2.1+). The LGPL license is compatible with a wide range of free licenses, and even permit you to use GnuTLS in non-free proprietary programs.

• Support for TLS 1.1, TLS 1.0 and SSL 3.0 protocols
  
  • Since SSL 2.0 is insecure it is not supported.
  • TLS 1.2 is supported but disabled by default.
• Support for TLS extensions: server name indication, max record size, opaque PRF input, etc.
• Support for authentication using the SRP protocol.
• Support for authentication using both X.509 certificates and OpenPGP keys.
• Support for TLS Pre-Shared-Keys (PSK) extension.
• Support for Inner Application (TLS/IA) extension.
• Support for X.509 and OpenPGP certificate handling.
  
• Support for X.509 Proxy Certificates (RFC 3820).
• Supports all the strong encryption algorithms (including SHA-256/384/512), including Camellia (RFC 4132).
• Supports compression.
• Runs on most Unix platforms and Windows.
• GPL compatible license.