Mail archive
alpine-devel

Re: [alpine-devel] Switching back to OpenSSL

From: Leonardo Arena <rnalrd_at_gmail.com>
Date: Thu, 11 Oct 2018 18:39:14 +0200

On Thu, Oct 11, 2018 at 5:17 PM Natanael Copa <ncopa_at_alpinelinux.org> wrote:

> Hi,
>
> Are there any good reasons to not switch back to OpenSSL for v3.9?
>
> Some reasons why I think we should switch back to OpenSSL:
> - better upstream support from projects
> - To my understanding, various of the issues in OpenSSL that made us
> switch to libressl have been resolved. (for example memory management)
> - libressl failed to retain compability with OpenSSL
> - libressl breaks ABI every 6 months, OpenSSL does not
> - FIPS support
>
> Some reasons to why we may continue with libressl may be:
> - its smaller
> - has fewer CVEs (due to their approach to remove stuff)
> - libtls
>
> Previous thread on the issue:
> http://lists.alpinelinux.org/alpine-devel/6073.html
>
>
I think that the package maintenance work alone doesn't justify LibreSSL
pros, not to mention that some packages never worked with LibreSSL (not
implying that is due to LibreSSL fault).

+1 to revert.

/eo



---
Unsubscribe:  alpine-devel+unsubscribe_at_lists.alpinelinux.org
Help:         alpine-devel+help_at_lists.alpinelinux.org
---
Received on Thu Oct 11 2018 - 18:39:14 GMT