On Sat, Jul 19, 2014 at 12:59 PM, Yamaban <foerster(a)lisas.de> wrote:
On Sat, 19 Jul 2014 16:35, Cristian Rodríguez
On 19/07/14 08:45, Johannes Kastl wrote:
On 18.07.14 10:29 Jan Engelhardt wrote:
tl;dr: libressl makes a lot of people sleep
better at night. ;)
+1 for giving people the choice between different SSL-implementations.
This is exactly what we must not do, we must focus on providing ONE working
solution and not many half-baked ones.
@Cristian: please give proof of your expertise in crypto algorithms and
high-security programming before spamming such a reply.
OpenSSL has been around for a long time now, and has not had a
fundamental code reordering and adaption to modern needs in the
last ten years.
It's quite clear you don't have such a security background, because if
you had, you would know that you don't touch security-critical code
just to reorder it. You leave it alone unless there's proof that what
you're doing fixes things, and not the opposite. Mere reordering, mere
optimization can be a security issue (read about somewhat recent
issues with ssh's rng caused by a "small optimization").
Cruft in the code? Oh yes! Just looking at it gives me a
feeling of 1995, again.
Most of the newer security needs are addressed as just tagged on
code. A rewrite, function for function is a dire need.
Certainly not. You don't do that with security-critical code. Code
like this needs heavy auditing and years of field testing, you just
don't throw away all that field testing for a pointless rewrite.
I see LibreSSL as a first step to providing a 'drop in' replacement.
Which is what I see LibreSSL as. A pointless rewrite.
Nothing against a fully working solution.
But proof on the 'fully working' is now - after heartbleed and the
debacles before that - much more needed than before.
Remember, heartbleed was caused by light-minded modifications, which
is the kind LibreSSL is doing now, only in bulk.
But with time, this rewrite may be good enough. With time. Not now.
That said, I do have some experience in security, and even though I
don't think LibreSSL is good for real use right now, I see it as a
good thing to provide it for those that want to test it. Without it,
it may take it longer to be field-tested enough to consider as a
I just wouldn't make it default by any means.