Re: OpenSSL 1.1.0
Niels Thykier:
> Marco d'Itri:
>> On Nov 14, Lisandro Damián Nicanor Pérez Meyer <perezmeyer@gmail.com> wrote:
>>
>>> And yes, I would step back and switch libssl-dev to provide libssl1.0-dev and
>>> have libssl1.1-dev around for anyone who can really do the switch.
>> I would not: OpenSSL 1.0 does not support ChaCha20 so it would be a very
>> bad default for next year's release.
>> Bad enough that I would have to use a different distribution for some
>> web servers.
>>
>
> At the moment, the maintainers of apache2 are picking the openssl 1.0
> route. So at this rate, you would not get ChaCha20 for apache2 in
> stretch anyway even if ssl1.1 says the "default"... :-/
>
> [...]
>
> Thanks,
> ~Niels
>
For avoidance of doubt, this was not aimed at the apache2 maintainers.
I appreciate that "ssl1.0 vs. ssl1.1" is not an entirely easy decision
for maintainers - especially as it affects reverse dependencies as well.
The apache2 case was mentioned because I deemed it relevant to Marco's
argument.
~Niels
Reply to: