Issue #9439 has been updated by Shyouhei Urabe.


Forget GPG if you guys don't like it; it's just an alternative.

I had a really rough glance at the TUF pull request and it seems
OpenSSL is used only for SHA and RSA algorithms and not for the
secure socket layer.  We can find adequate other implementations
for both SHA and RSA so TUF can be OpenSSL-free I believe.

----------------------------------------
Feature #9439: Remove OpenSSL from stdlib
https://bugs.ruby-lang.org/issues/9439#change-44532

* Author: Zachary Scott
* Status: Open
* Priority: Normal
* Assignee: 
* Category: lib
* Target version: current: 2.2.0
----------------------------------------
Regarding [ruby-core:59943], I agree with nobu that we should remove OpenSSL from ruby.

It's become too hard to maintain, and would better serve our users to encourage the use of a different implementation.

Another benefit of removing OpenSSL is the impact backport fixes have on the release management team.

Although I haven't yet determined the extent of work required to remove it (ie: tooling, tests, etc). We can discuss them here.



-- 
http://bugs.ruby-lang.org/