Date: Sun, 29 Oct 2017 12:31:03 +0100 From: Matthias Andree <mandree@FreeBSD.org> To: freebsd-hackers@freebsd.org Subject: Re: Crypto overhaul Message-ID: <cbfd869b-6127-c9a5-2dd2-694bf430ae61@FreeBSD.org> In-Reply-To: <df46aaa5-13a9-2fc6-bcd2-d57d792800eb@metricspace.net> References: <dc08792a-3215-611c-eb9f-4936a0d621f9@metricspace.net> <CAG5KPzws=jmF2wLeEAz8Lzn7Ugude=0w5neoQjeDjYnGtJpS9Q@mail.gmail.com> <13959.1509132270@critter.freebsd.dk> <CAG5KPzxGtAwV-svCv24FbZtLvxKCwX7OSyb2pPaTc63EUmFFGA@mail.gmail.com> <20171028022557.GE96685@kduck.kaduk.org> <23376.1509177812@critter.freebsd.dk> <20171028123132.GF96685@kduck.kaduk.org> <24228.1509196559@critter.freebsd.dk> <df46aaa5-13a9-2fc6-bcd2-d57d792800eb@metricspace.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Am 29.10.2017 um 02:36 schrieb Eric McCorkle: > On 10/28/2017 09:15, Poul-Henning Kamp wrote: >> -------- >> In message <20171028123132.GF96685@kduck.kaduk.org>, Benjamin Kaduk writes: >> >>> I would say that the 1.1.x series is less bad, especially on the last count, >>> but don't know how much you've looked at the differences in the new branch. >> While "less bad" is certainly a laudable goal for OpenSSL, I hope >> FreeBSD has higher ambitions. >> > I'm curious about your thoughts on LibreSSL as a possible option. To me as application developer (fetchmail) and user of FreeBSD on a vserver as web/mail server, I've seen LibreSSL break its users too often, require extra hoops to detect its old API as opposed to OpenSSL 1.1.x/1.0.x distinction, so it gambled away the little trust I had and I've cast it out again from my computers and just committed the bare minimals to detect and warn about LibreSSL. Just going on a rampage with the fork, badmouthing OpenSSL (which has come quite a way since LibreSSL forked off), doesn't quite build the case for LibreSSL to become a fully-fledged SSL/TLS/crypto replacement stack for OpenSSL, in my book.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?cbfd869b-6127-c9a5-2dd2-694bf430ae61>