Crypto Libs: Linking to OpenSSL, GnuTLS, NSS, ..?

To: <debian-devel@lists.debian.org>
Subject: Crypto Libs: Linking to OpenSSL, GnuTLS, NSS, ..?
From: Alexander Traud <pabstraud@compuserve.com>
Date: Thu, 11 Nov 2021 16:50:18 +0100
Message-id: <[🔎] 88941FAD-32B3-41FC-9FEC-22988C3751A9@compuserve.com>
References: <88941FAD-32B3-41FC-9FEC-22988C3751A9.ref@compuserve.com>

Many projects out there support not just a single crypto library like OpenSSL but others like GnuTLS and NSS as well. While building the project, a switch must be enabled or changed. Some projects even default not to OpenSSL. I saw Curl, which supports all three via six different packages, three runtime packages, and three -dev packages.

Debian is very much OpenSSL. However, I see some packages default to GnuTLS or even NSS without providing OpenSSL, although their source project supports it.

Question(s): Is there a recommendation/guideline/policy that package maintainers should prefer a specific crypto library (OpenSSL?) if they cannot support all of them? If not, is there an argumentation aid to convince package maintainers. Then, I would use that aid to file a wishlist on the bug tracking system for those projects, I know an alternative crypto library exists.

Reply to:

Follow-Ups:
- Re: Crypto Libs: Linking to OpenSSL, GnuTLS, NSS, ..?
  - From: Russ Allbery <rra@debian.org>
- Re: Crypto Libs: Linking to OpenSSL, GnuTLS, NSS, ..?
  - From: Stephan Verbücheln <verbuecheln@posteo.de>

Prev by Date: Re: Search content (.h files) of all (-dev) packages?
Next by Date: Re: Crypto Libs: Linking to OpenSSL, GnuTLS, NSS, ..?
Previous by thread: Re: Search content (.h files) of all (-dev) packages?
Next by thread: Re: Crypto Libs: Linking to OpenSSL, GnuTLS, NSS, ..?
Index(es):
- Date
- Thread