> libtls is tied to libressl as a matter of convenience and happenstance, > but it doesn't need to be that way.
If I recall, libtls requires the ability to pass certs as memory rather than directly loading it from a file. And OpenSSL native lacks any way of doing this, and their team rejected the API which loads the file into memory, for handling later. Which is pretty foundational for use in privsep programs which should not have a view on /etc.
