Hmm, that may work with HTTPS, but certainly won't help with Net::SSH, which depends on OpenSSL::PKey, as well as OpenSSL::BN (which I recently implemented) and OpenSSL::PKey::DH (which I'm just about done with). Of course HTTPS support is more critical, but I hate to see us stripping away functionality (especially when I'm trying to use it!).
Maybe we could break out a separate 'stripped' version for HTTPS-only support. Also, the recent 1.1 API changes break some pieces of jopenssl (though perhaps nothing that's being used). It may be time to think about splitting it into 1.0x and 1.1x versions. -Bill
