On Wed, 15 Jun 2022 02:52:01 +0000, Oodler 577 via perl5-porters wrote: > > options: > > 1. bundle modules, look for openssl (and poss other libs) > > 2. bundle an SSL lib and modules such as Mbed TLS, WolfSSL > > 3. Go with Curl, as it can work with a range of SSL libraries > > 4. work with various SSL programs (wget, curl, etc) > > 5. anything else? > As a user, concur that #1 seems to be the most reasonable, with the caveat > that IO::Socket::SSL provided by MAJOR packages be factored in somehow. I suspect > distros like Debian/Ubuntu would necessarily want to strip this out somehow > given they strip out things like perldoc into separate packages. But, knowing > that my opinion means nothing, I'd place much more emphasis on opinions pkg folks > from Debian, OpenBSD, FreeBSD, and pkgsrc (NetBSD), etc I can't speak for Niko and Dom, who are the maintainers of perl itself in Debian (but they're subscribed here, so can add to my comments), still some thought from a CPAN->Debian packager: * Having TLS/https in perl sounds nice. * We are not packaging Mozilla::CA, because we have the very same certs in the ca-certificates package (and duplication, skew, duplicate efforts, security updates, you name it). When a CPAN dist requires Mozilla::CA we patch it, and I'm pretty sure the same would happen if perl included Mozilla::CA unconditionally. So for us any solution which probes for CA certs or has a configure option or whatever would be nice. * This whole discussion about HTTPS is completely in vain, as long as HTTP::Tiny doesn't verify the certificates. Cf. https://github.com/chansen/p5-http-tiny/issues/134 Cheers, gregor -- .''`. https://info.comodo.priv.at -- Debian Developer https://www.debian.org : :' : OpenPGP fingerprint D1E1 316E 93A7 60A8 104D 85FA BB3A 6801 8649 AA06 `. `' Member VIBE!AT & SPI Inc. -- Supporter Free Software Foundation EuropeThread Previous | Thread Next