On Wed, Dec 1, 2021 at 9:03 PM Felipe Gasper <felipe@felipegasper.com> wrote: > > > On Dec 1, 2021, at 20:54, Ricardo Signes <perl.p5p@rjbs.manxome.org> wrote: > > We would only build, test, and install Net::SSLeay if openssl was available. [or LibreSSL, which Net::SSLeay also supports] > Would mbedTLS be an option? Itâs much smaller/lighter than OpenSSL. Its API is simple and easy to use. Until CPAN.pm or its dependencies support it, it's irrelevant to the current discussion. Same goes for GnuTLS, Apple's CommonCrypto, Microsoft's Schannel, or any other TLS library out there except OpenSSL and LibreSSL, which are already supported by Net::SSLeay. I'm not saying there is anything wrong with these other various TLS implementations, but we are not looking for TLS support in the abstract; we are looking for how to install Perl modules over the Internet securely, which is realistically not likely to happen unless we build on the tools we already have.Thread Previous | Thread Next