On Mon, Jul 14, 2014 at 10:08:01PM +0200, Toni Mueller wrote: > On Sun, Jul 13, 2014 at 12:22:49PM +0200, Jeroen Dekkers wrote: > > OpenSSL was part of OpenBSD before they created the LibreSSL fork, so > > how isn't OpenSSL part of the OpenBSD track record? > > it is in the way that they include it, and it also contributed a > significant amount of all patches that were required over the years, but > the typical way OpenBSD operates - from my perspective - is, they > include something (eg. Sendmail), and once they get fed up with it for > whatever reason, unless they find something acceptable out there (eg. > nginx instead of Apache, or nsd(?)+unbound instead of BIND), they start > to roll their own. A few releases later, the old stuff is being demoted > or removed entirely (eg. for RAIDframe -> softraid, the switchover > period where you could choose was more than four years, afair). Such > changes do happen in a disruptive manner, as there is usually nothing > that aids you in converting your setup from the old to the new software.
After a period of settling in, the alternatives are usually much less troublesome than their respective predecessors, and typically produce less security problems. Kind regards, --Toni++ -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140714201159.gc12...@spruce.wiehl.oeko.net