develooper Front page | perl.perl5.porters | Postings from June 2022

Re: Pre-RFC: support https out-of-the-box

Thread Previous | Thread Next
From:
Craig A. Berry
Date:
June 16, 2022 22:19
Subject:
Re: Pre-RFC: support https out-of-the-box
Message ID:
CA+vYcVzNtTpb9OYE49jubpOL5Hqi6sbFvCo-eLsGugM3hEaeJA@mail.gmail.com
On Thu, Jun 16, 2022 at 2:11 PM Felipe Gasper <felipe@felipegasper.com> wrote:
>
> > On Jun 16, 2022, at 14:42, Craig A. Berry <craig.a.berry@gmail.com> wrote:
> > So let's please not go with a Linux-only solution and just use
> > Mozilla::CA as already planned.
>
> How would using OpenSSL’s root certs be less “Linux-only” than using Net::SSLeay?

Both OpenSSL and Net::SSLeay are very portable.  The Linuxy assumption
is that an OpenSSL package includes (or symlinks to) authoritative
certificates provided by the OS distributor.  That is unlikely to be
the case on non-Linux.  I don't know, but the BSDs very likely do
something similar with LibreSSL, though as far as I can find, the
authoritative certs included with BSD distros are just the same
Mozilla certs you'd get with Mozilla::CA. If the Mozilla certificates
are good enough for the BSDs and for curl, why wouldn't they be good
enough for us, especially since there is already a Perl-friendly way
to maintain them?

Thread Previous | Thread Next


nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About