Thanks for the information Stu. Unfortunately I am not sure it will help in the end. Their project leader Natanael stated the following.
____________________________________________________________ The fact that libressl developers are not willing to workaround 32 bit linux time_t is the deal breaker for me. I am not happy to switch back to openssl. I have been fairly happy with libressl and been willing to sacrifice pretty much work for the extra security benefits libressl has given, but the situation we are in now is that we have to choose between: - replace linux kernel with some other kernel - do not support CAs with expiry date past year 2038 - drop 32 bit support - replace libressl I wish libressl could keep the 32 bit time_t workaround til linux kernel had fixed the problem instead of knowingly break things. Now I don't see we have much of an option since 32 bit linux is basically not supported by libressl at this point.