2013/7/12 Alan W. Irwin <ir...@beluga.phys.uvic.ca>: > On 2013-07-12 20:27-0000 David Cole wrote: > >> It’s a bad bad really bad idea to make the build of OpenSSL “in-house” as >> you’ve been calling it... CMake SHOULD use the system openssl for >> distributions that have one already. >> >> >> If there are problems with that approach, then the problems should be >> addressed, but bringing a security component into “we have our own custom >> build of that which you must use”-land is NEVER a good idea. >> >> >> Just my opinion. Feel free to flame me if I’m wrong.
+1, I won't mess-up security team work. > > > Hmmm. Now that you have brought up the security aspect, I agree that > an in-house build is probably a bad idea. But only one "bad". "bad > bad really bad" is probably over the top. And that is your monster > flame for the day. :-) > > Seriously, though, what do you do in the Windows case where > there is no "trusted" distribution to build the openssl library for you? I > presume you download some Windows binary from a location you trust, but > what location is that? Then ask your windows provider to provide one. How on earth could a "real" operating system be provided without a proper SSL library implementation and header? So, every web browser on Windows is providing his own SSL lib? Now the real flame may begin :-] -- Erk L'élection n'est pas la démocratie -- http://www.le-message.org -- Powered by www.kitware.com Visit other Kitware open-source projects at http://www.kitware.com/opensource/opensource.html Please keep messages on-topic and check the CMake FAQ at: http://www.cmake.org/Wiki/CMake_FAQ Follow this link to subscribe/unsubscribe: http://public.kitware.com/cgi-bin/mailman/listinfo/cmake-developers
