Crypto overhaul

Poul-Henning Kamp phk at phk.freebsd.dk
Sun Oct 29 07:05:36 UTC 2017


--------
In message <df46aaa5-13a9-2fc6-bcd2-d57d792800eb at metricspace.net>, Eric McCorkl
e writes:
>On 10/28/2017 09:15, Poul-Henning Kamp wrote:
>> --------
>> In message <20171028123132.GF96685 at kduck.kaduk.org>, Benjamin Kaduk writes:
>> 
>>> I would say that the 1.1.x series is less bad, especially on the last count,
>>> but don't know how much you've looked at the differences in the new branch.
>> 
>> While "less bad" is certainly a laudable goal for OpenSSL, I hope
>> FreeBSD has higher ambitions.
>> 
>
>I'm curious about your thoughts on LibreSSL as a possible option.

It retains the horrible APIs, so the potential improvement is finite.

-- 
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk at FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.


More information about the freebsd-security mailing list