Andreas Enge <[email protected]> writes:
> the attached patch adds libressl. As you can see, it is quite a bit simpler
> than the openssl package, which already inspires confidence. I think we
> should add the package;
Agreed.
> the next question would be whether we should switch
> all inputs from openssl to libressl. I tried it for fetchmail, and it works
> just the same.
I would be in favor of trying this in core-updates. I have a lot more
confidence in the security of LibreSSL than OpenSSL. The name
"LibreSSL" also better reflects the values of the free software
movement, which is a nice bonus.
> I also wonder whether we should not unite gnutls.scm and openssl.scm into
> one tls.scm.
Sounds good to me.
> + ;; Files taken from OpenSSL keep their license, others are under various
> + ;; non-copyleft licenses.
> + (license (list license:openssl
> + (license:non-copyleft
> + "file://COPYING"
> + "See COPYING in the distribution.")))))
The COPYING file says that the OpenSSL code is under the OpenSSL license
and the new contributions are under ISC or public domain, so how about
this instead?
(license (list license:openssl
license:isc)))))
Thank you!
Mark
