develooper Front page | perl.perl5.porters | Postings from December 2021

Re: OpenSSL alternative support WAS Re: Pre-RFC: support httpsout-of-the-box

Thread Previous | Thread Next
From:
Michiel Beijen
Date:
December 3, 2021 22:05
Subject:
Re: OpenSSL alternative support WAS Re: Pre-RFC: support httpsout-of-the-box
Message ID:
CABD0r11-0GnmrsVwTULOqW2P6k8Ap-wvXWVUooRazZ-o8+YzXQ@mail.gmail.com
Hi,

On Fri, Dec 3, 2021 at 7:39 PM Paul "LeoNerd" Evans
<leonerd@leonerd.org.uk> wrote:
>
> But theabove is all based on a mere 5 minutes of research from me - I'm
> sure there'll be folks around who know more about the situation so can
> chime in with extra detail. ;)

In my opinion there are two scenarios:

 - you use the system perl. that way you can use the system provided
tooling for bringing you ssl, so there is no problem!
 - you use a perl you compiled yourself. that's great! this means you
had _some_ way to securely get perl on your system. and a C compiler.
you can use that same mechanism to get ssl there, so there is no
problem!

Let me also state that with just SSL libraries you're _not_ done. You
also need to get a trusted CA root in order to validate the
certificates! This needs to be updated frequently. That is something
really best to be left to the system Perl runs on to provide.

cpan libraries are on HTTPS mirrors, the cpan client uses curl if
IO::Socket::SSL etc are not available. I think that there is nothing
for perl itself to improve herel

--
Michiel

Thread Previous | Thread Next


nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About