Mail archive

Re: [alpine-devel] Proposed change: openssl 1.1 as default system openssl implementation

From: Laurent Bercot <>
Date: Thu, 08 Feb 2018 17:53:39 +0000

>But openssl 1.1 has a different situation: Akamai and the Core
>Infrastructure Initiative have come together to sponsor development
>and maintenance of openssl since we switched, which means that there's
>higher quality maintenance occuring now. They are also working on a
>relicensing process, much like the libressl guys are doing, which has
>a larger scope[1]. Meanwhile, the libressl guys have been removing
>functionality we depend on, such as support for hardware accelerators
>(ENGINE apis), switching from 64-bit TAIN date calculations to time_t
>(because time_t is good enough on OpenBSD) and dropping openssl 1.0.1
>APIs they see as unsuitable.
>libressl promised to retain compatibility with 1.0.1g APIs, but has
>failed to do so.

  These arguments sound reasonable, so despite having lobbied for the
switch to libressl at the time, I have no objection to switching back
to openssl now.

Received on Thu Feb 08 2018 - 17:53:39 UTC