Date: Tue, 31 Oct 2017 12:23:59 +0000 From: "Wall, Stephen" <swall@redcom.com> To: "freebsd-security@freebsd.org security" <freebsd-security@freebsd.org>, "freebsd-hackers@freebsd.org" <freebsd-hackers@freebsd.org>, "freebsd-arch@freebsd.org" <freebsd-arch@freebsd.org> Subject: RE: Crypto overhaul Message-ID: <f331e70771ed4eb28878a4ae00905cc2@exch-02.redcom.com> In-Reply-To: <cfa28da2-0a4b-c6b9-2e22-3fbb1bbc9394@metricspace.net> References: <dc08792a-3215-611c-eb9f-4936a0d621f9@metricspace.net> <CAG5KPzws=jmF2wLeEAz8Lzn7Ugude=0w5neoQjeDjYnGtJpS9Q@mail.gmail.com> <13959.1509132270@critter.freebsd.dk> <CAG5KPzxGtAwV-svCv24FbZtLvxKCwX7OSyb2pPaTc63EUmFFGA@mail.gmail.com> <20171028022557.GE96685@kduck.kaduk.org> <23376.1509177812@critter.freebsd.dk> <20171028123132.GF96685@kduck.kaduk.org> <24228.1509196559@critter.freebsd.dk> <df46aaa5-13a9-2fc6-bcd2-d57d792800eb@metricspace.net> <e83f9add-d6d4-494d-669a-215765c0b5eb@elischer.org> <cfa28da2-0a4b-c6b9-2e22-3fbb1bbc9394@metricspace.net>
next in thread | previous in thread | raw e-mail | index | archive | help
> At least as about its first year and a half, LibreSSL had a markedly > better track record than OpenSSL (zero high-severity CVEs vs 5 from > OpenSSL, about half as many mid- and low-security CVEs). Are any of these relevant to the crypto module? Or are they all only appli= cable to the SSL protocol? As I understand the discussion so far, the goal is to unify all the dispara= te crypto pieces in the base system. That could certainly be done using Op= enSSLs libcrypto, and let users select their SSL provider from the ports tr= ee. -spw
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?f331e70771ed4eb28878a4ae00905cc2>