| From: | Geoff Winkless <pgsqladmin(at)geoff(dot)dj> |
|---|---|
| To: | Michael Paquier <michael(dot)paquier(at)gmail(dot)com> |
| Cc: | PostgreSQL mailing lists <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: About BoringSSL, an OpenSSL fork |
| Date: | 2015-10-26 10:01:22 |
| Message-ID: | CAEzk6ffo=EszuMpPiYXpjbRK4ugEdEHaS4-A3abcdink_EWy+w@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 26 October 2015 at 00:59, Michael Paquier <michael(dot)paquier(at)gmail(dot)com>
wrote:
> https://boringssl.googlesource.com/boringssl/+/HEAD/PORTING.md
> Looking at the porting section many routines have changed compared to
> OpenSSL. I can't imagine this fork to become a complete replacement of
> OpenSSL, but it may be worth considering an integration in Postgres
> code depending on the features it will have (Curve25519,
> Ed25519 mentioned). Also since 9.4 the SSL code paths have been
> rearranged to allow more implementations to be done with other SSL
> libraries.
>
Quote:
Although BoringSSL is an open source project, it is not intended for
general use, as OpenSSL is. We don’t recommend that third parties depend
upon it. Doing so is likely to be frustrating because there are no
guarantees of API or ABI stability.
Sounds like a subscription to a world of pain.
Geoff
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Amit Kapila | 2015-10-26 10:39:37 | Re: questions about PG update performance |
| Previous Message | Michael Paquier | 2015-10-26 08:33:14 | Re: [PATCH v3] GSSAPI encryption support |