> Moreover, the default config file contains: > > # get the time constraint from a well-known HTTPS site > #constraints from "https://www.google.com/" > > so that the contraints option seems to be valid. Hi Vincent!
Indeed, that was one of the changes that needed to be pointed out at the current package status. My understanding of the current situation is that libreSSL's libtls might have not possible worked at Debian at any point, since it has been discussed long and wide due to is necessary openssl->libressl transition. Accidentally, BrentCook (openntpd portable branch maintainer) has been commenting around #754513 with no apparent conclusion on the subject. It might be possible that I'm missing a bit, but it appears from a high level view that contraints might not work yet at Debian out of the box (that is, without and embedded libressl's libtls copy , which Brent actually suggested to me on private emails). Please feel free to reopen/update this with more information if that's the case. Cheers, Dererk -- BOFH excuse #449: greenpeace free'd the mallocs
signature.asc
Description: OpenPGP digital signature