| 1 |
On Mon, Dec 28, 2020 at 11:33:36PM +0100, Michał Górny wrote: |
| 2 |
> On Mon, 2020-12-28 at 22:00 +0000, Peter Stuge wrote: |
| 3 |
> > Michał Górny wrote: |
| 4 |
> > > LibreSSL users, does LibreSSL today have any benefit over OpenSSL? |
| 5 |
> > |
| 6 |
> > Yes, at least two: |
| 7 |
> > |
| 8 |
> > A. It is a distinct implementation with probably /quite some/ stable |
| 9 |
> > compatibility, meaning that it will work perfectly fine as an |
| 10 |
> > alternative in many cases. |
| 11 |
> |
| 12 |
> Except that it doesn't, as has been proven numerous times. |
| 13 |
|
| 14 |
I just want to comment that I switched to LibreSSL on several Gentoo |
| 15 |
systems years ago and never had any major issues. |
| 16 |
I run both desktop and server systems with LibreSSL, based on X and |
| 17 |
Wayland. The only issues I ran into is a slight lag of the overlay |
| 18 |
behind the main tree so once in a while I had to mask a new version of |
| 19 |
some package for a week or so. |
| 20 |
So from a pure user perspective, thing change would mean a risky update |
| 21 |
to systems running stable for years with no gain whatsoever. |
| 22 |
So even if LibreSSL does not provide any advantage over OpenSSL |
| 23 |
(anymore), dropping support would do harm. |
| 24 |
That said, I do understand maintainer burden and I will probably be fine |
| 25 |
with such a change. But I have to say that over the last ten years, |
| 26 |
Gentoo does feel a lot less focussed on choice than it used to and I am |
| 27 |
counting the days until is deemed 'unpractical' to support legacy boot, |
| 28 |
non-systemd init or 'exotic' arches. ;-) |
| 29 |
|
| 30 |
Best, |
| 31 |
Marcel |
Archives