Re: Bug#754513: RFP: libressl -- SSL library, forked from OpenSSL

On Mon, Oct 16, 2017 at 05:29:09PM +0100, Colin Watson wrote:
> Out of all of these, I think the option that I think has the fewest
> downsides overall is to convince people to package LibreSSL, but I'm not
> myself in a position to contribute to that effort.
>
> Does anyone have thoughts or other options, or want to help?

My understanding is that the libressl project does not support a release for the length of a debian release cycle, and does not commit to API stability for debian-cycle periods. (The openbsd model historically is to break ABI and even API between releases, in order to minimize compatibility code, which works with their rebuild-the-world release model.) Is there any sign that if debian packages libressl in order to use openssh, debian would not end up being the de facto maintainers of an unsupported years-old libressl release by the end of a debian stable release cycle (not to mention debian LTS)? I think that in practical terms that would leave us worse off than settling on a compatibility layer that's shared with other distributions.

Mike Stone

