Mail archive

Re: [alpine-devel] openssl-1.0.2 or libressl ?

From: Orion <>
Date: Fri, 6 Feb 2015 17:06:13 -0800

On Fri, 6 Feb 2015 15:00:58 +0100
Natanael Copa <> wrote:

> I don't want Alpine to jump on every new hype that appears in media.

I fully agree. I should have conveyed that I always want to us to vet to
the best of our ability changes to Alpine (e.g. code, libraries,
packages, design, etc.).

> libressl is still young so I think it would be wait a bit more to see
> if it is something that will stay.

LibreSSL is young as a project but, as I understand it, it isn't a
rewrite of OpenSSL from scratch. At the moment it is much more an
audited & patched version of OpenSSl than a 'new SSL' library. They
started by just hacking out as much outdated, useless, and crappy code
as they could. Then replacing terrible code with good audited code.

> I think it would be nice to have libressl in testing though so we have
> something to compare with.

I agree that it should be in testing and vetted before any actual
changes are made to the mainline. However I think this would be a
time for us to create a repo to house automated tests for aports,
starting with LibreSSL.

Received on Fri Feb 06 2015 - 17:06:13 UTC