Re: security/gnutls: link against libunbound for DANE support (patch)

To: ng0 <ng0%n0.is@localhost>
Subject: Re: security/gnutls: link against libunbound for DANE support (patch)
From: Greg Troxel <gdt%lexort.com@localhost>
Date: Tue, 17 Sep 2019 12:42:13 -0400

ng0 <ng0%n0.is@localhost> writes:

> In a set of software I work on, we highly prefer GnuTLS built
> against libunbound to get DANE functionality. Right now this
> pulls in at least unbound (and flex via unbound).
> There are plans to eventually not depend on unbound for this
> in GnuTLS itself.
>
> Would we as pkgsrc prefer for this to be opt-in or opt-out?
> My patch is opt-in but adds a keyword.

Particularly today (almost freeze), I think it should be opt-in (meaning
the option adds it, and the option is not in SUGGESTED, which is what I
think you mean).

Whether it's in some broad best interest averaged over everybody is a
non-obvious question, and generally I like things like this to land as
opt-in first, to allow lower-barrier experience to accumulate a bit.

I'm definitely sympathetic to DANE working, even in a Let's Encrypt
world.  And trying gnunet  has been on my todo list for a really long
time.

Follow-Ups:
- Re: security/gnutls: link against libunbound for DANE support (patch)
  - From: ng0

References:
- security/gnutls: link against libunbound for DANE support (patch)
  - From: ng0

Prev by Date: Re: security/gnutls: link against libunbound for DANE support (patch)
Next by Date: Re: security/gnutls: link against libunbound for DANE support (patch)
Previous by Thread: Re: security/gnutls: link against libunbound for DANE support (patch)
Next by Thread: Re: security/gnutls: link against libunbound for DANE support (patch)
Indexes:

Home | Main Index | Thread Index | Old Index