1. 13
    LibreSSL 2.4.2 released crypto security ftp.openbsd.org
    fkr avatar via fkr 2 years ago | cached | 3 comments

  1.  

  2. 2
    fortune avatar fortune 2 years ago | link

    Has OpenSSL significantly improved since the debacles in the last couple years? I know a handful of large companies gave funding to improve, get rid of old code or something, but I’m not really privy to its workings.

    Or, should I be using LibreSSL and don’t know it? :)

    1. 4
      trousers avatar trousers 2 years ago | link

      Relatively straightforward to compare now that there is competition: https://en.wikipedia.org/wiki/LibreSSL#Security_and_vulnerabilities

      1. 3
        mjturner avatar mjturner 2 years ago | link

        Nice summary - this just highlights how hard it is to implement good crypto.

        For me, the high-level benefits of using LibreSSL are twofold:

        1. It’s simpler, with a lot of cruft stripped out, giving a smaller attack surface
        2. Even though it’s a fork, applicable fixes from OpenSSL can still be applied

        OS X/macOS now includes LibreSSL, BTW.