[nsd-users] NSD and OpenSSL
Michael A. Peters
mpeters at domblogger.net
Mon Aug 10 05:24:11 UTC 2015
Hi,
I'm currently busy rebuilding many of my server applications to use
LibreSSL instead of OpenSSL.
I noticed that NSD links against OpenSSL and I am curious as to if that
is really necessary.
I am guessing some cryptographic functions are used when it pushed zone
changes to slaves, but does it actually use a TLS connection?
I know earlier this year, many bitcoin clients that dynamically link
against OpenSSL broke when OpenSSL pushed an update.
The fault was not OpenSSL, it was bitcoin clients to blame. Some
developers pointed out that because bitcoin doesn't actually use TLS it
really should have just had the cryptographic functions it needs in its
own source. That would have prevented a bug fix to OpenSSL breaking the
clients.
I am wondering if that is the case with NSD.
Thoughts?
More information about the nsd-users
mailing list