Debian has a humongous package library, the biggest of any distro if I'm not mistaken. They need full drop-in compatibility between libressl and openssl if they hope to replace the latter any time soon for all those packages.
The (current) compatibility is closer to drop-in than not. Most of these packages have maintainers and an upstream. It is just a matter of getting it done.
There exist distros using libressl and musl, proving feasibility.
