From mboxrd@z Thu Jan 1 00:00:00 1970 From: Mark H Weaver Subject: Re: [PATCH] Libressl Date: Mon, 15 Jun 2015 16:15:40 -0400 Message-ID: <87eglciv83.fsf@netris.org> References: <20150615191102.GA4777@debian> Mime-Version: 1.0 Content-Type: text/plain Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:43752) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Z4anc-0006SA-U0 for guix-devel@gnu.org; Mon, 15 Jun 2015 16:16:05 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Z4anX-0006Qg-Uq for guix-devel@gnu.org; Mon, 15 Jun 2015 16:16:04 -0400 Received: from world.peace.net ([50.252.239.5]:56493) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Z4anX-00064e-L9 for guix-devel@gnu.org; Mon, 15 Jun 2015 16:15:59 -0400 In-Reply-To: <20150615191102.GA4777@debian> (Andreas Enge's message of "Mon, 15 Jun 2015 21:11:02 +0200") List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org Sender: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org To: Andreas Enge Cc: guix-devel@gnu.org Andreas Enge writes: > the attached patch adds libressl. As you can see, it is quite a bit simpler > than the openssl package, which already inspires confidence. I think we > should add the package; Agreed. > the next question would be whether we should switch > all inputs from openssl to libressl. I tried it for fetchmail, and it works > just the same. I would be in favor of trying this in core-updates. I have a lot more confidence in the security of LibreSSL than OpenSSL. The name "LibreSSL" also better reflects the values of the free software movement, which is a nice bonus. > I also wonder whether we should not unite gnutls.scm and openssl.scm into > one tls.scm. Sounds good to me. > + ;; Files taken from OpenSSL keep their license, others are under various > + ;; non-copyleft licenses. > + (license (list license:openssl > + (license:non-copyleft > + "file://COPYING" > + "See COPYING in the distribution."))))) The COPYING file says that the OpenSSL code is under the OpenSSL license and the new contributions are under ISC or public domain, so how about this instead? (license (list license:openssl license:isc))))) Thank you! Mark