From owner-freebsd-ports@freebsd.org Sat Jul 9 05:40:39 2016 Return-Path: Delivered-To: freebsd-ports@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id E35BAB84C46 for ; Sat, 9 Jul 2016 05:40:39 +0000 (UTC) (envelope-from ohauer@gmx.de) Received: from mout.gmx.net (mout.gmx.net [212.227.15.15]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mout.gmx.net", Issuer "TeleSec ServerPass DE-1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4659B11C8; Sat, 9 Jul 2016 05:40:38 +0000 (UTC) (envelope-from ohauer@gmx.de) Received: from [192.168.100.100] ([87.139.233.65]) by mail.gmx.com (mrgmx001) with ESMTPSA (Nemesis) id 0MgKUo-1bjU7c3rZW-00NeVe; Sat, 09 Jul 2016 07:40:31 +0200 Subject: Re: [HEADSUP] change in default openssl coming To: freebsd-ports@freebsd.org References: From: olli hauer Cc: Mathieu Arnold Message-ID: <98e76062-f6bf-d335-a41c-d2ac701294fa@gmx.de> Date: Sat, 9 Jul 2016 07:40:32 +0200 User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:45.0) Gecko/20100101 Thunderbird/45.2.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 8bit X-Provags-ID: V03:K0:ZPVjL+qov0LZR0AuU/HSWHTNAZJLeSOZLJxDQXH4LzWT0pZ2qnt PIa2GlHWnRq2saKILsmXQDfknJizCsrflUItC97gEfdKhdHuRGKU5cEfpRIvXLr+etXZArM F7WU7eztBwWDVGLgsCTjVLdD+eqpARRL/qe3+fd6A7ufgd+3e4kHBZ93FFDPFRj9UEhmHzx IPQv8+A6sCSp8wzylyBnA== X-UI-Out-Filterresults: notjunk:1;V01:K0:1OFM87Zb3Vc=:EPCxdbS4WtQF2kncX41oaf nQuq2WYhE7wvhxO2Uf/6fcGmdY1fYXroLfmrH195ek23VyCcPrOSGVXGjWFLO3GAETsZfCTp+ 0/kYzGzthKN2pS9FIg6eIdFczff2AhlM0v6tpssjUxNyEbHfri/1xKnRjaqKlB/04RlUhdK9V m9opVJ/rdsRIZXpU6hYkwnCM+oP4VtX3ZeTFNwo4l/WkbVVqgPOr7ITofdMJ9JQ2dGqn6ShSw OzxoyHDWedQnxVJsbAESEl1uQC6/7NXLZn8GElTMUzzp1MsRLezIvrqC1FMSZzXu34tLlEfQ2 8o8OHlw0NPuMHT4Qolj3P5awIe/HitKqunlbVKmsaG9CJVzlAEtxaMzbxoF/5VPcauXzKn8n6 0dA8Rf+5yN66pgG6wwR8TK7PeuJzSGJzqp8xOpStyc/oUxTnaLNR6b5ff8vtVklcboriksreC guGdt7jV4CGW3bnhWyHhPWmYl6PZ1Q48bHUMjhpBQkEBuZZ6zlppM4s6PweXePGl0dlZDBqZa W1Uk5XeKEeRd1HHaIzheYs12QTK6fNinnGmX0WHg8XWmKvp1GwuSQj0q7nigZyf8v7A3jR4PE izk/9rJ8hOPljU885L11duPE2gAjl2ORsNhJojp7q5IgFxOhacrGKp/97Q/rpdFDsAbhu1kMg Yudlm77qZzW85fY91eaTx4yCzoeIlu97Y+NFkzPgFopnElj9W6Hdhjju2u40aL66lyoxGO8rg W0zBcDW2tQuGvGaZ+J/xR1k80O3swkpUB1oPHbiuX2qbNOZ8yfQvFhE9qexCkwIpIeO4cbzGJ ei0cZI7 X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 09 Jul 2016 05:40:40 -0000 On 2016-07-08 08:26, Mathieu Arnold wrote: > Hi, > > During this summer (sometime in August I think) I will be changing the > default OpenSSL for the ports tree from the base system version to > security/openssl. > > I will also, because it goes with it, change the default GSSAPI from base > to something else, I think the consensus was to use the MIT version, which > is security/krb5. > > Before I do that, it would be nice if people who actually use Kerberos (so, > that's the two of you at the back) could provide some feedback if it > changing this will break things. > Looking at the next release of openssl (1.1.x) and the deprecation of SSL2/SSL3/MD2 I want to throw in the following question. Are there any plans to adjust the default OPTIONS for security/openssl before / during the phase it will become the default for ports? It would be a good time to adjust the OPTIONS because the next release don't support them any longer