> > Installing both openssl and libressl .a files in different directories > seems both useful and straightforward. I don't object to openssl being > favored for /usr/lib here, libressl gets a directory of its own, but > libressl.pc goes into /usr/lib/pkgconfig so that it is found automatically. > Obviously this will only be useful for packages wanting to statically link > with libressl lib{crypto,ssl}
There is an ongoing effort to remove static libraries from packages. but I think that's far better than removing > libressl. > No, it's not better, it's more work for the security team. >