[Python-Dev] New OpenSSL - has anyone ever looked at (in)compatibility with LibreSSL

Gregory P. Smith greg at krypto.org
Mon Mar 14 20:06:50 EDT 2016


On Mon, Mar 14, 2016 at 4:56 PM Nathaniel Smith <njs at pobox.com> wrote:

> Should people outside google pay attention to boringssl? The first
> thing it says on the website is:
>
> "Although BoringSSL is an open source project, it is not intended for
> general use, as OpenSSL is. We don’t recommend that third parties
> depend upon it. Doing so is likely to be frustrating because there are
> no guarantees of API or ABI stability."
>

Heh, good point.  I guess not.  :)


> On Mon, Mar 14, 2016 at 4:40 PM, Gregory P. Smith <greg at krypto.org> wrote:
> > Don't forget BoringSSL.
> >
> > On Wed, Mar 9, 2016 at 9:30 AM Michael Felt <mamfelt at gmail.com> wrote:
> >>
> >> Can look at it. There has been a lot of discussion, iirc, between
> OpenSSL
> >> and LibreSSL re: version identification.
> >> Thx for the reference.
> >>
> >>
> >> On 08-Mar-16 14:55, Hasan Diwan wrote:
> >>
> >>
> >> On 8 March 2016 at 00:49, Michael Felt <michael at felt.demon.nl> wrote:
> >>>
> >>> As a relative newcomer I may have missed a long previous discussion re:
> >>> linking with OpenSSL and/or LibreSSL.
> >>> In an ideal world this would be rtl linking, i.e., underlying
> >>> complexities of *SSL libraries are hidden from applications.
> >>>
> >>> In short, when I saw this http://bugs.python.org/issue26465 Title:
> >>> Upgrade OpenSSL shipped with python installers, it reminded me I need
> to
> >>> start looking at LibreSSL again - and that, if not already done -
> might be
> >>> something "secure" for python as well.
> >>
> >>
> >> According to the libressl website, one of the projects primary goals is
> to
> >> remain "backwards-compatible with OpenSSL", which is to say, to either
> have
> >> code work without changes or to fail gracefully when it uses the
> deprecated
> >> bits. It does seem it ships with OpenBSD. There is an issue open on
> bugs to
> >> address whatever incompatibilities remain between LibreSSL and
> OpenSSL[1].
> >> Perhaps you might want to take a look at that? -- H
> >> 1. https://bugs.python.org/issue23177
> >>>
> >>>
> >>> Michael
> >>> _______________________________________________
> >>> Python-Dev mailing list
> >>> Python-Dev at python.org
> >>> https://mail.python.org/mailman/listinfo/python-dev
> >>> Unsubscribe:
> >>>
> https://mail.python.org/mailman/options/python-dev/hasan.diwan%40gmail.com
> >>
> >>
> >>
> >>
> >> --
> >> OpenPGP: http://hasan.d8u.us/gpg.asc
> >> Sent from my mobile device
> >> Envoyé de mon portable
> >>
> >>
> >> _______________________________________________
> >> Python-Dev mailing list
> >> Python-Dev at python.org
> >> https://mail.python.org/mailman/listinfo/python-dev
> >> Unsubscribe:
> >> https://mail.python.org/mailman/options/python-dev/greg%40krypto.org
> >
> >
> > _______________________________________________
> > Python-Dev mailing list
> > Python-Dev at python.org
> > https://mail.python.org/mailman/listinfo/python-dev
> > Unsubscribe:
> > https://mail.python.org/mailman/options/python-dev/njs%40pobox.com
> >
>
>
>
> --
> Nathaniel J. Smith -- https://vorpus.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-dev/attachments/20160315/100e694e/attachment-0001.html>


More information about the Python-Dev mailing list