There was an attempt to remove openssl in favour of pure Rust implementation at #67, however we still include it via rouille > tiny_http implementation. We track moving off rouille at #39.

The benefit, as I understand it, is to make the build and distribution easier or more portable, however we do build and ship the binary by using the openssl/vendored feature already in Actions and GitLab, so I'm not sure how critical this issue is.

@drahnr @TriplEight is it something that we want to resolve in the nearest future?

I agree that this not an immediate priority, #67 will resolve this incidentally.

Generally I consider it an advantage to avoid openssl entirely, mostly due to the fact of requiring a C++ compiler and the general topic of reproducibility. It's a nice to have, eventually.

I'm in favour of that, I will free us from having openssl as a dependency in many places. But we already wait for so long, definitely not a prio right now.

As I understand, after merging #131 we're still blocked upstream by briansmith/webpki#54 (we can't use rustls without IP support); is that correct @montekki?