Re: Bug#754513: ITP: libressl -- SSL library, forked from OpenSSL (addendum)
On Mon, Jul 14, 2014 at 10:08:01PM +0200, Toni Mueller wrote:
> On Sun, Jul 13, 2014 at 12:22:49PM +0200, Jeroen Dekkers wrote:
> > OpenSSL was part of OpenBSD before they created the LibreSSL fork, so
> > how isn't OpenSSL part of the OpenBSD track record?
> it is in the way that they include it, and it also contributed a
> significant amount of all patches that were required over the years, but
> the typical way OpenBSD operates - from my perspective - is, they
> include something (eg. Sendmail), and once they get fed up with it for
> whatever reason, unless they find something acceptable out there (eg.
> nginx instead of Apache, or nsd(?)+unbound instead of BIND), they start
> to roll their own. A few releases later, the old stuff is being demoted
> or removed entirely (eg. for RAIDframe -> softraid, the switchover
> period where you could choose was more than four years, afair). Such
> changes do happen in a disruptive manner, as there is usually nothing
> that aids you in converting your setup from the old to the new software.
After a period of settling in, the alternatives are usually much less
troublesome than their respective predecessors, and typically produce
less security problems.