Crypto overhaul
Ben Laurie
ben at links.org
Tue Oct 31 12:09:45 UTC 2017
On 31 October 2017 at 11:48, Eric McCorkle <eric at metricspace.net> wrote:
> On 10/30/2017 04:05, Julian Elischer wrote:
>> On 29/10/17 8:36 am, Eric McCorkle wrote:
>>> On 10/28/2017 09:15, Poul-Henning Kamp wrote:
>>>> --------
>>>> In message <20171028123132.GF96685 at kduck.kaduk.org>, Benjamin Kaduk
>>>> writes:
>>>>
>>>>> I would say that the 1.1.x series is less bad, especially on the
>>>>> last count,
>>>>> but don't know how much you've looked at the differences in the new
>>>>> branch.
>>>> While "less bad" is certainly a laudable goal for OpenSSL, I hope
>>>> FreeBSD has higher ambitions.
>>>>
>>> I'm curious about your thoughts on LibreSSL as a possible option.
>>
>> what gives any evidence as to it being any better?
>
> At least as about its first year and a half, LibreSSL had a markedly
> better track record than OpenSSL (zero high-severity CVEs vs 5 from
> OpenSSL, about half as many mid- and low-security CVEs).
Not getting CVEs doesn't mean not having the issues:
https://marc.info/?l=openbsd-announce&m=140752800525709.
More information about the freebsd-arch
mailing list