X-Original-To: alpine-devel@lists.alpinelinux.org Received: from mx1.tetrasec.net (mx1.tetrasec.net [74.117.190.25]) by lists.alpinelinux.org (Postfix) with ESMTP id D2E7E5C6423 for ; Thu, 11 Oct 2018 15:17:50 +0000 (GMT) Received: from mx1.tetrasec.net (mail.local [127.0.0.1]) by mx1.tetrasec.net (Postfix) with ESMTP id A8E569E0419 for ; Thu, 11 Oct 2018 15:17:50 +0000 (GMT) Received: from ncopa-desktop.copa.dup.pw (67.63.200.37.customer.cdi.no [37.200.63.67]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) (Authenticated sender: alpine@tanael.org) by mx1.tetrasec.net (Postfix) with ESMTPSA id 3123F9E00C9 for ; Thu, 11 Oct 2018 15:17:50 +0000 (GMT) Date: Thu, 11 Oct 2018 17:17:46 +0200 From: Natanael Copa To: Alpine Development Subject: [alpine-devel] Switching back to OpenSSL Message-ID: <20181011171746.4c01f758@ncopa-desktop.copa.dup.pw> X-Mailer: Claws Mail 3.17.1 (GTK+ 2.24.32; x86_64-alpine-linux-musl) X-Mailinglist: alpine-devel Precedence: list List-Id: Alpine Development List-Unsubscribe: List-Post: List-Help: List-Subscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Hi, Are there any good reasons to not switch back to OpenSSL for v3.9? Some reasons why I think we should switch back to OpenSSL: - better upstream support from projects - To my understanding, various of the issues in OpenSSL that made us switch to libressl have been resolved. (for example memory management) - libressl failed to retain compability with OpenSSL - libressl breaks ABI every 6 months, OpenSSL does not - FIPS support Some reasons to why we may continue with libressl may be: - its smaller - has fewer CVEs (due to their approach to remove stuff) - libtls Previous thread on the issue: http://lists.alpinelinux.org/alpine-devel/6073.html -nc --- Unsubscribe: alpine-devel+unsubscribe@lists.alpinelinux.org Help: alpine-devel+help@lists.alpinelinux.org ---