[systemd-devel] Antw: [EXT] RFC: Moving fully to OpenSSL (aka. stopping support for gnutls/gcrypt)?

Lennart Poettering lennart at poettering.net
Wed Dec 9 10:25:31 UTC 2020


On Wed, 09.12.20 10:55, Ulrich Windl (Ulrich.Windl at rz.uni-regensburg.de) wrote:

> > This is of course less than ideal, since it means we need to maintain
> > needlessly complex, redundant code to support this, it's not complete
> > (as not all combinations are supported), and footprint for general
> > purpose distros is effectively doubled.
> >
> > I think we should go OpenSSL all the way, and replace/drop support for
> > gnutls and libgcrypt, unifying on a single crypto library. This was
> > previously problematic since on Debian linking LGPL code against
> > OpenSSL was considered legally "unclean". This has recently changed
> > though:
>
> What about this:
> Have a mechanism to select either gnutls or openssl for everything.

Hu, no. I am not gonna write *more* code to get rid of code. The goal
is to make the footprint smaller, not to make it larger.

> Then see how many people will use gnutls and how many will use openssl.
> Then decide what to do.

We won't see that. The distro people make decisions about what to enable and
what not. They might as well tell us right away then. Which is what I
am asking for here: if anyone actually cares about gnutls/gcrypt
support and what the reasons for them are.

I want something stronger than "I like" and "I dislike". I want to
hear technical, or legal reasons. Not "taste".

Lennart

--
Lennart Poettering, Berlin

