X-Original-To: alpine-devel@lists.alpinelinux.org
Received: from mail.wilcox-tech.com (mail.wilcox-tech.com [45.32.83.9])
	by lists.alpinelinux.org (Postfix) with ESMTP id 5B3285C4E4A
	for <alpine-devel@lists.alpinelinux.org>; Thu,  8 Feb 2018 19:33:51 +0000 (GMT)
Received: (qmail 27389 invoked from network); 8 Feb 2018 19:33:47 -0000
Received: from 107-131-85-28.lightspeed.tulsok.sbcglobal.net (HELO ?192.168.1.237?) (awilcox@wilcox-tech.com@107.131.85.28)
  by mail.wilcox-tech.com with ESMTPA; 8 Feb 2018 19:33:47 -0000
Subject: Re: [alpine-devel] Proposed change: openssl 1.1 as default system
 openssl implementation
To: alpine-devel@lists.alpinelinux.org
References: <CA+T2pCGFeh30aEi43hAvJ3yoHBijABy_U62wfjhVmf3FmbNUUg@mail.gmail.com>
 <20180208180544.3ff19e66@mechanicum.chadwicks.me.uk>
 <CA+T2pCFi7iAqSxq500VYS=3a2GYTkF0akWhy6oVpL7B7O1N-Ew@mail.gmail.com>
 <20180208192207.7e0da20a@mechanicum.chadwicks.me.uk>
From: "A. Wilcox" <awilfox@adelielinux.org>
Organization: =?UTF-8?Q?Ad=c3=a9lie_Linux?=
Message-ID: <cd4e6d83-c8d8-d654-955c-83cd96f5e6d8@adelielinux.org>
Date: Thu, 8 Feb 2018 13:33:58 -0600
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101
 Thunderbird/45.2.0
X-Mailinglist: alpine-devel
Precedence: list
List-Id: Alpine Development <alpine-devel.lists.alpinelinux.org>
List-Unsubscribe: 
	<mailto:alpine-devel+unsubscribe@lists.alpinelinux.org?subject=unsubscribe>
List-Post: <mailto:alpine-devel@lists.alpinelinux.org>
List-Help: <mailto:alpine-devel+help@lists.alpinelinux.org?subject=help>
List-Subscribe: 
	<mailto:alpine-devel+subscribe@lists.alpinelinux.org?subject=subscribe>
MIME-Version: 1.0
In-Reply-To: <20180208192207.7e0da20a@mechanicum.chadwicks.me.uk>
Content-Type: multipart/signed; micalg=pgp-sha256;
 protocol="application/pgp-signature";
 boundary="LwW441foTl5jshNFp0li4Devfm96vw4M6"

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--LwW441foTl5jshNFp0li4Devfm96vw4M6
Content-Type: multipart/mixed; boundary="Ougmc6DvrU65BDUmM4X9H3caxku9QbNLK";
 protected-headers="v1"
From: "A. Wilcox" <awilfox@adelielinux.org>
To: alpine-devel@lists.alpinelinux.org
Message-ID: <cd4e6d83-c8d8-d654-955c-83cd96f5e6d8@adelielinux.org>
Subject: Re: [alpine-devel] Proposed change: openssl 1.1 as default system
 openssl implementation
References: <CA+T2pCGFeh30aEi43hAvJ3yoHBijABy_U62wfjhVmf3FmbNUUg@mail.gmail.com>
 <20180208180544.3ff19e66@mechanicum.chadwicks.me.uk>
 <CA+T2pCFi7iAqSxq500VYS=3a2GYTkF0akWhy6oVpL7B7O1N-Ew@mail.gmail.com>
 <20180208192207.7e0da20a@mechanicum.chadwicks.me.uk>
In-Reply-To: <20180208192207.7e0da20a@mechanicum.chadwicks.me.uk>

--Ougmc6DvrU65BDUmM4X9H3caxku9QbNLK
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: quoted-printable

On 02/08/18 13:22, Kevin Chadwick wrote:
> Mark Espie -
>=20
> you've got to realize that openssl deliberately broke compatibility
> with previous versions precisely to try to stop libressl.

OpenSSL "broke" compatibility with previous versions /in an attempt to
create a better API/.  By "broke", that means removing functions that
were already deprecrated.  It had nothing to do with LibreSSL, but I'm
glad they have a victim complex.

>> By proper, I mean an implementation that is conformant with the
>> OpenSSL 1.0.1g API, which is what was promised by LibreSSL.
>>
>=20
> Is OpenSSL conformant, see above?

Yes, it isn't however conformant with 0.9 any more.

>> The protection improvements are the same: the custom memory management=

>> code has been removed from both.
>>
>=20
> You clearly do not know about the extra protections and priviledge
> separation in LibreSSL!!!

You must be talking about Pledge, which allows LibreSSL to declare what
system calls it will and will not be using.  Of course, Pledge is only
available in OpenBSD.

> I guess you think PAM is great too?

Completely unrelated and unnecessary question.


--arw

--=20
A. Wilcox (awilfox)
Project Lead, Ad=E9lie Linux
http://adelielinux.org


--Ougmc6DvrU65BDUmM4X9H3caxku9QbNLK--

--LwW441foTl5jshNFp0li4Devfm96vw4M6
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQJMBAEBCAA2FiEEjNyWOYPU1SaTSMHHyynLUZIrnRQFAlp8piYYHGF3aWxmb3hA
YWRlbGllbGludXgub3JnAAoJEMspy1GSK50UsUsP/2ZGBtCKBLfqdHw0OuOvOU3s
VaZdUIKVPYN+VGMnxd0IR9TqTFbEbuVXTgpKm+L08sgwCXHfIpsbD6pPTuszXkPM
EwzM0IIEgPeADVphmycpQV58xm6kv0sGBSuslkwNzjFawIOsq2OcFlqTBDny5mMX
VBuwXnQvw/DwvMpgs7FHdgkzezaf42z5n/MJmwttN+srRit8ivpBGiqNI/nAerUI
xJNhr6AJjjMW4+bh0rHs551Sc7qmTL5FQOpGGS/to8vgjzP0FtZtSVZTpJVbPUQn
BFuU834slqoU3JLQWt5YbrgVnNIY9S0m0YSRd4FGGvCy+La+S+qRQshkqToerxKC
yr78ZMn57s8J95RTcpKo5fWMnlb27E//snIr4wn9bEPZoh1DNKPNc/y38ZDNmdjM
j959Up2n5T9hh06pNPxpeBba5/jx2DF2/VDCjCncbVvbEo3s+RCIfxWR+L3DZAOZ
ddaVCFmTbzb/FqOh6fCfG6cCXpYv8dYakv5G297jOrDES9cQ0ni2B17nGWq5m+/i
rO5T05rrminrD6pmde1+KGW8i+MzNL20zSqbKXGP2u2MtsJsn+8/oBK9vPMayDqZ
F9Xc7EOv95KqrFETsvT6up6IxeA8dO3wuhG5Fe0wzc3VzDIFTg8I8izOdGYOIWRZ
OmZECCY9rkNiQjvDbIQB
=clZG
-----END PGP SIGNATURE-----

--LwW441foTl5jshNFp0li4Devfm96vw4M6--


---
Unsubscribe:  alpine-devel+unsubscribe@lists.alpinelinux.org
Help:         alpine-devel+help@lists.alpinelinux.org
---