Re: [alpine-devel] Switching back to OpenSSL
October 11, 2018 3:17 PM, "Natanael Copa" <ncopa_at_alpinelinux.org> wrote:
> Are there any good reasons to not switch back to OpenSSL for v3.9?
> Some reasons why I think we should switch back to OpenSSL:
> - better upstream support from projects
> - To my understanding, various of the issues in OpenSSL that made us
> switch to libressl have been resolved. (for example memory management)
> - libressl failed to retain compability with OpenSSL
> - libressl breaks ABI every 6 months, OpenSSL does not
> - FIPS support
> Some reasons to why we may continue with libressl may be:
> - its smaller
> - has fewer CVEs (due to their approach to remove stuff)
> - libtls
+1 to switch back to openssl.
Reasons to come back are totally valid (an more) compared with the pros in having libressl.
.: Francesco Colista
Received on Fri Oct 12 2018 - 06:20:19 UTC