Re: Bug#754513: ITP: libressl -- SSL library, forked from OpenSSL (addendum)

To: Jeroen Dekkers <jeroen@dekkers.ch>
Cc: debian-devel@lists.debian.org
Subject: Re: Bug#754513: ITP: libressl -- SSL library, forked from OpenSSL (addendum)
From: Toni Mueller <toni@debian.org>
Date: Mon, 14 Jul 2014 22:11:59 +0200
Message-id: <[🔎] 20140714201159.GC12760@spruce.wiehl.oeko.net>
In-reply-to: <[🔎] 20140714200800.GB12760@spruce.wiehl.oeko.net>
References: <[🔎] 20140711220627.24261.14073.reportbug@spruce.wiehl.oeko.net> <20140712112547.GA17955@roeckx.be> <20140712115345.GA10308@spruce.wiehl.oeko.net> <[🔎] 20140712121513.GA18849@roeckx.be> <[🔎] 20140712124645.GB10308@spruce.wiehl.oeko.net> <[🔎] 87vbr1y2va.wl%jeroen@dekkers.ch> <[🔎] 20140714200800.GB12760@spruce.wiehl.oeko.net>

On Mon, Jul 14, 2014 at 10:08:01PM +0200, Toni Mueller wrote:
> On Sun, Jul 13, 2014 at 12:22:49PM +0200, Jeroen Dekkers wrote:
> > OpenSSL was part of OpenBSD before they created the LibreSSL fork, so
> > how isn't OpenSSL part of the OpenBSD track record?
> 
> it is in the way that they include it, and it also contributed a
> significant amount of all patches that were required over the years, but
> the typical way OpenBSD operates - from my perspective - is, they
> include something (eg. Sendmail), and once they get fed up with it for
> whatever reason, unless they find something acceptable out there (eg.
> nginx instead of Apache, or nsd(?)+unbound instead of BIND), they start
> to roll their own. A few releases later, the old stuff is being demoted
> or removed entirely (eg. for RAIDframe -> softraid, the switchover
> period where you could choose was more than four years, afair). Such
> changes do happen in a disruptive manner, as there is usually nothing
> that aids you in converting your setup from the old to the new software.

After a period of settling in, the alternatives are usually much less
troublesome than their respective predecessors, and typically produce
less security problems.


Kind regards,
--Toni++

Reply to:

References:
- Bug#754513: ITP: libressl -- SSL library, forked from OpenSSL
  - From: Toni Mueller <support@oeko.net>
- Re: Bug#754513: ITP: libressl -- SSL library, forked from OpenSSL
  - From: Kurt Roeckx <kurt@roeckx.be>
- Re: Bug#754513: ITP: libressl -- SSL library, forked from OpenSSL
  - From: Toni Mueller <toni@debian.org>
- Re: Bug#754513: ITP: libressl -- SSL library, forked from OpenSSL
  - From: Jeroen Dekkers <jeroen@dekkers.ch>
- Re: Bug#754513: ITP: libressl -- SSL library, forked from OpenSSL
  - From: Toni Mueller <toni@debian.org>

Prev by Date: Re: Bug#754513: ITP: libressl -- SSL library, forked from OpenSSL
Next by Date: Re: Bug#754513: ITP: libressl -- SSL library, forked from OpenSSL
Previous by thread: Re: Bug#754513: ITP: libressl -- SSL library, forked from OpenSSL
Next by thread: Re: Bug#754513: ITP: libressl -- SSL library, forked from OpenSSL
Index(es):
- Date
- Thread