Re: OpenSSL 1.1.0
Quoting Adrian Bunk (2016-11-14 23:16:14)
> On Mon, Nov 14, 2016 at 07:10:00PM +0000, Niels Thykier wrote:
>> Marco d'Itri:
>>> On Nov 14, Lisandro Damián Nicanor Pérez Meyer <perezmeyer@gmail.com> wrote:
>>>> And yes, I would step back and switch libssl-dev to provide
>>>> libssl1.0-dev and have libssl1.1-dev around for anyone who can
>>>> really do the switch.
>>> I would not: OpenSSL 1.0 does not support ChaCha20 so it would be a
>>> very bad default for next year's release.
>>> Bad enough that I would have to use a different distribution for
>>> some web servers.
[...]
> For Apache, the choices available are:
> 1. no ChaCha20 in Apache in stretch
> 2. move the stretch release schedule by 6-12 months to have
> only OpenSSL 1.1 in stretch
> 3. apply ChaCha20 patches to OpenSSL 1.0.2
4. use libapache2-mod-gnutls?
- Jonas
--
* Jonas Smedegaard - idealist & Internet-arkitekt
* Tlf.: +45 40843136 Website: http://dr.jones.dk/
[x] quote me freely [ ] ask before reusing [ ] keep private
Reply to: