On Sat, Jul 12, 2014 at 01:53:45PM +0200, Toni Mueller wrote: > > Hi Kurt, > > On Sat, Jul 12, 2014 at 01:25:47PM +0200, Kurt Roeckx wrote: > > What are you doing with the binaries, include files, man pages, > > ...? Will they conflict with the ones from openssl? > > my intention is to package this stuff so one can have both openssl and > libressl installed in parallel. libressl currently has libraries with > these sonames: > > libssl.so.26 > libcrypto.so.29
I don't really like it, since it could potentionally clash with the ones provided by openssl. But it seems unlikely that openssl will ever use that as soname. I had the feeling openbsd didn't care much about ABI stability, and that being at 26 and 29 already doesn't give me a good feeling either. I hope you don't have to go and change the binary package names each time you upload a new version. > > If you're interested in maintaining such a package, why did you > > never respond to the RFH for openssl? > > There are a number of reasons for that, but one has been that I was > unhappy about the perceived 'closedness' of the project I was never very happy with it either. But it has very recently changed, and I think it's going in the right direction. I'm now also in the openssl development team. > I generally trust > the OpenBSD folks, who are the vast majority behind LibreSSL, much more > with respect to their ability to understand security and pursuing a "no > backdoors" philosophy than most other people. I'm not really sure what you mean by this. I'm pretty sure the openssl development team has a pretty good understanding of security and I don't see anybody adding a backdoor in it. > FWIW, I have well over a > decade of very good experience with OpenBSD Not everybody has the same experience with them. > although I prefer Debian > for most purposes, including a general slant towards "copyleft" (GPL) > instead of "copyright" (BSD). They simply provide one of the, or the > one, most viable alternatives to OpenSSL, thus helping to break down the > obviously unhealthy monopoly that currently is OpenSSL. I think GnuTLS is actually a better alternative and wish there were more people developing and using it. > @Kurt: That should imho go to devel@, not only to you and the BTS. I did intend to send it to the list, but forgot to Cc it, so doing that now. Kurt -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
