[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: security/gnutls: link against libunbound for DANE support (patch)
Greg Troxel transcribed 911 bytes:
> ng0 <ng0%n0.is@localhost> writes:
> > In a set of software I work on, we highly prefer GnuTLS built
> > against libunbound to get DANE functionality. Right now this
> > pulls in at least unbound (and flex via unbound).
> > There are plans to eventually not depend on unbound for this
> > in GnuTLS itself.
> > Would we as pkgsrc prefer for this to be opt-in or opt-out?
> > My patch is opt-in but adds a keyword.
> Particularly today (almost freeze), I think it should be opt-in (meaning
> the option adds it, and the option is not in SUGGESTED, which is what I
> think you mean).
> Whether it's in some broad best interest averaged over everybody is a
> non-obvious question, and generally I like things like this to land as
> opt-in first, to allow lower-barrier experience to accumulate a bit.
> I'm definitely sympathetic to DANE working, even in a Let's Encrypt
> world. And trying gnunet has been on my todo list for a really long
Good to read.
Is the latest patch good to go as it is? I'd like to commit this
Main Index |
Thread Index |