Mail archive
alpine-devel

[alpine-devel] Switching back to OpenSSL

From: Natanael Copa <ncopa_at_alpinelinux.org>
Date: Thu, 11 Oct 2018 17:17:46 +0200

Hi,

Are there any good reasons to not switch back to OpenSSL for v3.9?

Some reasons why I think we should switch back to OpenSSL:
- better upstream support from projects
- To my understanding, various of the issues in OpenSSL that made us
  switch to libressl have been resolved. (for example memory management)
- libressl failed to retain compability with OpenSSL
- libressl breaks ABI every 6 months, OpenSSL does not
- FIPS support

Some reasons to why we may continue with libressl may be:
- its smaller
- has fewer CVEs (due to their approach to remove stuff)
- libtls

Previous thread on the issue:
http://lists.alpinelinux.org/alpine-devel/6073.html


-nc


---
Unsubscribe:  alpine-devel+unsubscribe_at_lists.alpinelinux.org
Help:         alpine-devel+help_at_lists.alpinelinux.org
---
Received on Thu Oct 11 2018 - 17:17:46 GMT