develooper Front page | perl.perl5.porters | Postings from December 2021

Re: mbedTLS WAS Re: Pre-RFC: support https out-of-the-box

Thread Previous | Thread Next
Craig A. Berry
December 2, 2021 23:18
Re: mbedTLS WAS Re: Pre-RFC: support https out-of-the-box
Message ID:
On Wed, Dec 1, 2021 at 9:03 PM Felipe Gasper <> wrote:

> > On Dec 1, 2021, at 20:54, Ricardo Signes <> wrote:

> > We would only build, test, and install Net::SSLeay if openssl was available.

[or LibreSSL, which Net::SSLeay also supports]

> Would mbedTLS be an option? It’s much smaller/lighter than OpenSSL. Its API is simple and easy to use.

Until or its dependencies support it, it's irrelevant to the
current discussion.  Same goes for GnuTLS, Apple's CommonCrypto,
Microsoft's Schannel, or any other TLS library out there except
OpenSSL and LibreSSL, which are already supported by Net::SSLeay.  I'm
not saying there is anything wrong with these other various TLS
implementations, but we are not looking for TLS support in the
abstract; we are looking for how to install Perl modules over the
Internet securely, which is realistically not likely to happen unless
we build on the tools we already have.

Thread Previous | Thread Next Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at | Group listing | About