On Thu, Sep 29, 2022 at 07:37:33PM +0200, Neal Gompa wrote:
around OpenSSL was brought up, and Adam Williamson brought up that we might not need to hobble OpenSSL anymore[1]. A quick check seems to indicate we no longer do it for GnuTLS either, and haven't for many years[2].
I think this is apples and oranges? The gnutls change you link references SRP, which is mentioned as no longer removed in the openssl "hobble" script. The remaining question is the ECC stuff.
Which, to give an update: is still under investigation.