Mail archive

[alpine-devel] Switching back to OpenSSL

From: Natanael Copa <>
Date: Thu, 11 Oct 2018 17:17:46 +0200


Are there any good reasons to not switch back to OpenSSL for v3.9?

Some reasons why I think we should switch back to OpenSSL:
- better upstream support from projects
- To my understanding, various of the issues in OpenSSL that made us
  switch to libressl have been resolved. (for example memory management)
- libressl failed to retain compability with OpenSSL
- libressl breaks ABI every 6 months, OpenSSL does not
- FIPS support

Some reasons to why we may continue with libressl may be:
- its smaller
- has fewer CVEs (due to their approach to remove stuff)
- libtls

Previous thread on the issue:


Received on Thu Oct 11 2018 - 17:17:46 UTC