Faster init of OpenSSL seems like a small benefit to a potentially annoying change. As a Fedora fan and user I don’t like this.

I like the change, but dragons beware. They support the hash format for decades, but almost nobody uses it. I almost wanted to implement the hash lookup by myself, until I found out, it's already in there. Ready for primetime, but I suspect many packages will run a afoul.

Same thinking here; how much speed up are we talking about as approach b, as suggested to have the preference, still involves maintenance due to upstream not taking this. What is the ROI?

The more certs you have, the slower. Much slower, as you have to read the whole cert, and hash it.

With hashes the lookup is instant, as in git.