Date: Sun, 13 Dec 2020 14:16:18 -0800 From: Gordon Tetlow <gordon@tetlows.org> To: John Long <codeblue@inbox.lv> Cc: freebsd-security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-20:33.openssl Message-ID: <X9aSsl%2B1UbWarIa/@gmail.com> In-Reply-To: <20201213121208.54f8a8ed@inbox.lv> References: <20201209230300.03251CA1@freefall.freebsd.org> <20201211064628.GM31099@funkthat.com> <813a04a4-e07a-9608-40a5-cc8e339351eb@FreeBSD.org> <20201213005708.GU31099@funkthat.com> <20201213020727.GP64351@kduck.mit.edu> <20201213121208.54f8a8ed@inbox.lv>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Dec 13, 2020 at 12:12:08PM +0000, John Long via freebsd-security wrote: > Hi Guys, > > What about adopting OpenBSD's libressl? I was expecting it to take a > long time to be compatible but from my uneducated point of view it > looks like they did an incredible job. I think everything on OpenBSD > uses it. > > I was running OpenBSD until I put FreeBSD 12.2 on a new box, so I > haven't been looking at for a year or so. > > Does anybody know if this is a viable option? Can we just link against > libressl or is it (much) more involved than that? As was mentioned elsewhere, LibreSSL isn't a great fit due to their very limited support lifespan of a given release. Once a stable release is made, that branch is only given 1 year of support. This doesn't mesh well with FreeBSD's 5 year support lifespan of a given branch. Gordon
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?X9aSsl%2B1UbWarIa/>