Ah wow:

"Where we deem it desirable, we will add new APIs that are only on LibreSSL/BoringSSL/AWS-LC. Concretely, we expect to add ML-KEM and ML-DSA APIs that are only available with LibreSSL/BoringSSL/AWS-LC, and not with OpenSSL."

As one of MacPorts' LibreSSL maintainers, this is vaguely heartening, but also, stresses me out a bit more, since I think there are around 600-800 Portfiles that can probably be modified to use the dylib approach (something similar to adding this line to the Portfile:

depends_lib path:lib/libssl.dylib:openssl \

which facilitates MacPorts to defaulting to whatever TLS library is installed, and if that is LibreSSL as I do from a fresh MacPorts install, great!) but I haven't gotten around to modifying and testing those hundreds of Portfiles, let alone submitting Pull Requests which have gotten merged, even though it's been in the back of my mind for years and AFAIK, there are Trac issues for MacPorts that predate my helping out as a maintainer which express similar desires for more harmonious and widespread LibreSSL coexistence.

As it stands, I already feel as if I am burning the candle at both ends while contending with homelessness, over $12,000 USD in debt on my credit card and a paucity of income relative to my living expenses.

I'm also really not a fan of Python (though I admit, the last time it was dragged in as some dependency during an installation of something, at least it didn't try to install OpenSSL, as sometimes happens with some MacPorts), to understate it.

But y'know, cool! I think? Maybe?

I'm also, more or less certain that rpki-client prefers LibreSSL (no surprise, I think more or less all OpenBSD related projects do), but in the release notes for 9.7 (for which I recently submitted a Pull Request to update MacPorts' version to, so they're sort of fresh in my memory) there was mention of OpenSSL 4, which I guess is looming? Clemens also recently posted something to macports-dev about OpenSSL 3.6, and I admit, I pay less close attention to OpenSSL, but at least got the sense that other TLS library efforts are ongoing.

I probably don't want to know the answer to how many are using AWS-LC; I'd be vaguely curious how widely used BoringSSL is these days. Apple switched to LibreSSL an awfully long time ago now, but they seem as if they drag their feet on updating it and at the moment on macOS 26.2 it looks as if Apple are still shipping LibreSSL 3.3.6 (from March 15, 2022) whereas I'm running 4.2.1 (from October 30th, 2025, only three years and change more recent!) via MacPorts.

Having written as much, last year I think I saw yet another fork of OpenSSL and I may have even created a Trac issue to begin exploring it, but I can't remember the name of it off the top of my head at the moment and even after reading the slide deck from the conference where it was presented I think I had more questions than answers as to why it even came into existence.