Hi Kurt, On Sat, Jul 12, 2014 at 01:25:47PM +0200, Kurt Roeckx wrote: > What are you doing with the binaries, include files, man pages, > ...? Will they conflict with the ones from openssl?
my intention is to package this stuff so one can have both openssl and libressl installed in parallel. libressl currently has libraries with these sonames: libssl.so.26 libcrypto.so.29 > If you're interested in maintaining such a package, why did you > never respond to the RFH for openssl? There are a number of reasons for that, but one has been that I was unhappy about the perceived 'closedness' of the project, and my general feeling that I would like to have an alternative to openssl, which has been festering for several years now. For a while, I was hoping for libgnutls, but after the wakeup call, sent by heartbeat, I tried to figuere out which would be the best way forward, and I generally trust the OpenBSD folks, who are the vast majority behind LibreSSL, much more with respect to their ability to understand security and pursuing a "no backdoors" philosophy than most other people. FWIW, I have well over a decade of very good experience with OpenBSD, although I prefer Debian for most purposes, including a general slant towards "copyleft" (GPL) instead of "copyright" (BSD). They simply provide one of the, or the one, most viable alternatives to OpenSSL, thus helping to break down the obviously unhealthy monopoly that currently is OpenSSL. @Marco et al: I'll answer your other questions RSN, but the first portable release has only appeared yesterday, so it'll take some time until the dust settles. And no, I don't think we should go into production and switch to LibreSSL right now. But we should definitely have it. @Kurt: That should imho go to devel@, not only to you and the BTS. Kind regards, --Toni++ -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
