Crypto overhaul
    Eric McCorkle 
    eric at metricspace.net
       
    Tue Oct 31 11:48:41 UTC 2017
    
    
  
On 10/30/2017 04:05, Julian Elischer wrote:
> On 29/10/17 8:36 am, Eric McCorkle wrote:
>> On 10/28/2017 09:15, Poul-Henning Kamp wrote:
>>> --------
>>> In message <20171028123132.GF96685 at kduck.kaduk.org>, Benjamin Kaduk
>>> writes:
>>>
>>>> I would say that the 1.1.x series is less bad, especially on the
>>>> last count,
>>>> but don't know how much you've looked at the differences in the new
>>>> branch.
>>> While "less bad" is certainly a laudable goal for OpenSSL, I hope
>>> FreeBSD has higher ambitions.
>>>
>> I'm curious about your thoughts on LibreSSL as a possible option.
> 
> what gives any evidence as to it being any better?
At least as about its first year and a half, LibreSSL had a markedly
better track record than OpenSSL (zero high-severity CVEs vs 5 from
OpenSSL, about half as many mid- and low-security CVEs).
    
    
More information about the freebsd-hackers
mailing list