Issue #9439 has been updated by Christian Hltje.


I like  Aaron Patterson (TenderLove's) suggestion in #25: Split it into a gem and include the gem in ruby-core by default (like JSON).

It would solve the chicken-and-the-egg problem, keep rubygems happy, and allow upgrading.

At some point in the future, we could switch to TLS or the new security hotness to include in ruby without breaking anything and people who wanted last weeks security api can just gem install it.


----------------------------------------
Feature #9439: Remove OpenSSL from stdlib
https://bugs.ruby-lang.org/issues/9439#change-45481

* Author: Zachary Scott
* Status: Open
* Priority: Normal
* Assignee: 
* Category: lib
* Target version: current: 2.2.0
----------------------------------------
Regarding [ruby-core:59943], I agree with nobu that we should remove OpenSSL from ruby.

It's become too hard to maintain, and would better serve our users to encourage the use of a different implementation.

Another benefit of removing OpenSSL is the impact backport fixes have on the release management team.

Although I haven't yet determined the extent of work required to remove it (ie: tooling, tests, etc). We can discuss them here.



-- 
http://bugs.ruby-lang.org/