On Thu, Feb 3, 2022 at 02:33:37PM -0500, Robert Haas wrote: > As a philosophical matter, I don't think it's great for us - or the > Internet in general - to be too dependent on OpenSSL. Software > monocultures are not great, and OpenSSL has near-constant security > updates and mediocre documentation. Now, maybe anything else we
I don't think it is fair to be criticizing OpenSSL for its mediocre documentation when the alternative being considered, NSS, has no public documentation. Can the source-code-defined NSS documentation be considered better than the mediocre OpenSSL public documentation? For the record, I do like the idea of adding NSS, but I am concerned about its long-term maintenance, we you explained. -- Bruce Momjian <br...@momjian.us> https://momjian.us EDB https://enterprisedb.com If only the physical world exists, free will is an illusion.