Front page | perl.perl5.porters |
Postings from December 2021
Hi, On Fri, Dec 3, 2021 at 7:39 PM Paul "LeoNerd" Evans <leonerd@leonerd.org.uk> wrote: > > But theabove is all based on a mere 5 minutes of research from me - I'm > sure there'll be folks around who know more about the situation so can > chime in with extra detail. ;) In my opinion there are two scenarios: - you use the system perl. that way you can use the system provided tooling for bringing you ssl, so there is no problem! - you use a perl you compiled yourself. that's great! this means you had _some_ way to securely get perl on your system. and a C compiler. you can use that same mechanism to get ssl there, so there is no problem! Let me also state that with just SSL libraries you're _not_ done. You also need to get a trusted CA root in order to validate the certificates! This needs to be updated frequently. That is something really best to be left to the system Perl runs on to provide. cpan libraries are on HTTPS mirrors, the cpan client uses curl if IO::Socket::SSL etc are not available. I think that there is nothing for perl itself to improve herel -- MichielThread Previous | Thread Next