X-Original-To: alpine-devel@lists.alpinelinux.org Received: from mail-wm0-f50.google.com (mail-wm0-f50.google.com [74.125.82.50]) by lists.alpinelinux.org (Postfix) with ESMTP id DA3755C5C94 for ; Thu, 8 Feb 2018 18:04:08 +0000 (GMT) Received: by mail-wm0-f50.google.com with SMTP id i186so11052276wmi.4 for ; Thu, 08 Feb 2018 10:04:08 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=YwpVgzP638vtVR3ODY5HPTUeZb2GPuMJDTMSlhwuB8w=; b=d9e2eeZV5+j8kc8dExwt6261TAvMVv1xo1C8i1AURhy/5YVzJWiJGAPWDA9p8pMe8w gzakIF5ZgCUuPKbVbiHL8QJ8tM2FyAE8h8uTT+CC1Hg/Sqk/ryZFiAe9XYoYv8XlRNpS YN6jvSNyYuvE8W5TDi3tppEDcwdbzlMeLV7tmL37vzb/PBET6pVAIskWU/bGw2yVhPJL QOvLBzgjba68F4jULwGemi0rfNQbT9c7AcqVSu9sytRf3pMRd7+70otjAVn4Uv0+LpGi zWrcAkK+5vx+S4kkFXQnkMb8XGtkr1CRNGfF9PkvryMuF8lqu/9Wnfp/XXPqhb+oIlmR sr/A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=YwpVgzP638vtVR3ODY5HPTUeZb2GPuMJDTMSlhwuB8w=; b=nQItYrQjcMuxGGJfFY/lFciaEny85ear5JNn+f4vyC6cns5lPLPgy2jXQRUBrXIOeX jeSOR0UP//3ym/cQHoiVG4e6JskWFTcENJDY+sDLpiOF5RXVRJV6rP4M9aaUMpSdB3ct w81q2C31aA5XCqZAYsv3fkOvSbLRXgcywjPCPnbkAIgC0PhU38ztHg9XOHn845/sGAns aQWv5VcwS6N72Bb2AYNVcklpGdq3Kn2ZreUcWNsa5d7oAQ1KxWw3twT3obDRhIEA6j3B clLpixZ/ZH6xFpnFirL3Ok0unNrBs7+YGMfRADIzKbT1IbhGT+4W2RwIKbhMPG7biEPJ el0g== X-Gm-Message-State: APf1xPBvJSf5h6z6Jy6gsC+L86gREiRigJt8z5GXX0BDI4P/inAj57rI fc9GlcSQjFdhCYP3ZiwqKslxaeeYKkNZ6uOy8gM= X-Google-Smtp-Source: AH8x227nOivV/subRtj+loRsKtlJCc1/JERgaPpqwcF02P6F5svh0JJtXMjVQ3uaWBW6HNsYYNu+erGZh1zA89amEUU= X-Received: by 10.28.170.195 with SMTP id t186mr98843wme.93.1518113048134; Thu, 08 Feb 2018 10:04:08 -0800 (PST) X-Mailinglist: alpine-devel Precedence: list List-Id: Alpine Development List-Unsubscribe: List-Post: List-Help: List-Subscribe: MIME-Version: 1.0 Received: by 10.28.107.138 with HTTP; Thu, 8 Feb 2018 10:04:06 -0800 (PST) Received: by 10.28.107.138 with HTTP; Thu, 8 Feb 2018 10:04:06 -0800 (PST) In-Reply-To: References: From: Chris Spillane Date: Thu, 8 Feb 2018 18:04:06 +0000 Message-ID: Subject: Re: [alpine-devel] Proposed change: openssl 1.1 as default system openssl implementation To: Laurent Bercot Cc: Alpine-devel Content-Type: multipart/alternative; boundary="001a114432c2f68a280564b73cf2" --001a114432c2f68a280564b73cf2 Content-Type: text/plain; charset="UTF-8" I concur On 8 Feb 2018 5:53 pm, "Laurent Bercot" wrote: > But openssl 1.1 has a different situation: Akamai and the Core >> Infrastructure Initiative have come together to sponsor development >> and maintenance of openssl since we switched, which means that there's >> higher quality maintenance occuring now. They are also working on a >> relicensing process, much like the libressl guys are doing, which has >> a larger scope[1]. Meanwhile, the libressl guys have been removing >> functionality we depend on, such as support for hardware accelerators >> (ENGINE apis), switching from 64-bit TAIN date calculations to time_t >> (because time_t is good enough on OpenBSD) and dropping openssl 1.0.1 >> APIs they see as unsuitable. >> >> libressl promised to retain compatibility with 1.0.1g APIs, but has >> failed to do so. >> > > These arguments sound reasonable, so despite having lobbied for the > switch to libressl at the time, I have no objection to switching back > to openssl now. > > -- > Laurent > > > > --- > Unsubscribe: alpine-devel+unsubscribe@lists.alpinelinux.org > Help: alpine-devel+help@lists.alpinelinux.org > --- > > --001a114432c2f68a280564b73cf2 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
I concur

On 8 Feb 2018 5:53 pm, "Laurent Bercot" <ska-devel@skarnet.org> wrote:
But openssl 1.1 has a different situation: Akamai and the Core
Infrastructure Initiative have come together to sponsor development
and maintenance of openssl since we switched, which means that there's<= br> higher quality maintenance occuring now.=C2=A0 They are also working on a relicensing process, much like the libressl guys are doing, which has
a larger scope[1].=C2=A0 Meanwhile, the libressl guys have been removing functionality we depend on, such as support for hardware accelerators
(ENGINE apis), switching from 64-bit TAIN date calculations to time_t
(because time_t is good enough on OpenBSD) and dropping openssl 1.0.1
APIs they see as unsuitable.

libressl promised to retain compatibility with 1.0.1g APIs, but has
failed to do so.

=C2=A0These arguments sound reasonable, so despite having lobbied for the switch to libressl at the time, I have no objection to switching back
to openssl now.

--
=C2=A0Laurent



---
Unsubscribe:=C2=A0 alpine-devel+unsubscribe@lists.alpinelin= ux.org
Help:=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0alpine-devel+help@lists.alpinelinux.org
---

--001a114432c2f68a280564b73cf2-- --- Unsubscribe: alpine-devel+unsubscribe@lists.alpinelinux.org Help: alpine-devel+help@lists.alpinelinux.org ---