Bug#1013132: ITP: BabaSSL -- BabaSSL is a base library for modern cryptography and communication security protocols.

To: Stephan Verbücheln <verbuecheln@posteo.de>, Marco d'Itri <md@linux.it>, debian-devel@lists.debian.org
Cc: 1013132@bugs.debian.org
Subject: Bug#1013132: ITP: BabaSSL -- BabaSSL is a base library for modern cryptography and communication security protocols.
From: Sam Hartman <hartmans@debian.org>
Date: Thu, 30 Jun 2022 08:16:47 -0600
Message-id: <[🔎] tsl8rpexmls.fsf@suchdamage.org>
Reply-to: Sam Hartman <hartmans@debian.org>, 1013132@bugs.debian.org
In-reply-to: <[🔎] d1172d0d2a8207315ac9ce975c80f2e97cacf244.camel@posteo.de>
References: <[🔎] Gc_zeinSoR6-jicOendOs4pkCI26gF99R3pceW5CKTuY_A5gamptQcLkf_g71Y2Crt7bX2xfgjSmDG5y0own4vGZzArrTC145OpQoOrM5dI=@protonmail.com> <[🔎] Gc_zeinSoR6-jicOendOs4pkCI26gF99R3pceW5CKTuY_A5gamptQcLkf_g71Y2Crt7bX2xfgjSmDG5y0own4vGZzArrTC145OpQoOrM5dI=@protonmail.com> <[🔎] YrDXvVESTYOJd4Ca@bongo.bofh.it> <[🔎] IOUBnH57qrOWj4iYVtGg69n19tIuIcuZfECiPvxZeM7HbpyDYWPzHYIyi8JJkOiO1-IzS9dwTkk_W83GAtQLtEJ116hRwPs6CPimYaoFELk=@protonmail.com> <[🔎] YrxbLpnnta6D85C3@bongo.bofh.it> <[🔎] d1172d0d2a8207315ac9ce975c80f2e97cacf244.camel@posteo.de> <[🔎] Gc_zeinSoR6-jicOendOs4pkCI26gF99R3pceW5CKTuY_A5gamptQcLkf_g71Y2Crt7bX2xfgjSmDG5y0own4vGZzArrTC145OpQoOrM5dI=@protonmail.com>

>>>>> "Stephan" == Stephan Verbücheln <verbuecheln@posteo.de> writes:

    Stephan> As far as I understand it, the main point of BabaSSL is to
    Stephan> add support for Chinese developed ciphers and algorithms.

It looked like there were two main points.
The first was in fact these ciphers.
I don't think that's a good reason for including in Debian because it
looks like OpenSSL is interested in adding these ciphers long-term, and
that appears a much better strategy for us as a ddistribution.

However there are some other features from the ITP:

-    Support NTLS (formal GM dual-certificate protocol) handshake processing, according to GB/T 38636-2020
TLCP
-    QUIC API support
-    Support delegated credentials, according to draft-ietf-tls-subcerts-10

I don't recognize NTLS
and presumably since draft-ietf-tls-subcerts is a working group draft it
will be possible to get into OpenSSL eventually.

Reply to:

References:
- Bug#1013132: ITP: BabaSSL -- BabaSSL is a base library for modern cryptography and communication security protocols.
  - From: Lance Lin <LQi254@protonmail.com>
- Bug#1013132: ITP: BabaSSL -- BabaSSL is a base library for modern cryptography and communication security protocols.
  - From: Marco d'Itri <md@Linux.IT>
- Bug#1013132: ITP: BabaSSL -- BabaSSL is a base library for modern cryptography and communication security protocols.
  - From: Lance Lin <LQi254@protonmail.com>
- Bug#1013132: ITP: BabaSSL -- BabaSSL is a base library for modern cryptography and communication security protocols.
  - From: Marco d'Itri <md@linux.it>
- Bug#1013132: ITP: BabaSSL -- BabaSSL is a base library for modern cryptography and communication security protocols.
  - From: Stephan Verbücheln <verbuecheln@posteo.de>

Prev by Date: Bug#969155: [Pkg-nagios-devel] Bug#969155: RFP: icinga database -- database for icinga 2
Next by Date: Processed: Re: ita
Previous by thread: Bug#1013132: ITP: BabaSSL -- BabaSSL is a base library for modern cryptography and communication security protocols.
Next by thread: Bug#1013134: node-c8 output coverage reports using Node.js' built in coverage
Index(es):
- Date
- Thread