Instead of everybody switching to LibreSSL, we had the Linux Foundation reward O... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		snvzz 3 days ago \| parent \| context \| favorite \| on: OpenSSL: Stack buffer overflow in CMS AuthEnvelope... Instead of everybody switching to LibreSSL, we had the Linux Foundation reward OpenSSL's incompetence with funding. We are still suffering from that mistake, and LibreSSL is well-maintained and easier to migrate to than it ever was. What the hell are we waiting for? Is nobody at Debian, Fedora or Ubuntu able to step forward and set the direction?

seg_lol 2 days ago [–]

How about standardizing on an API, then switching backends can be up to the administrator of the machine.

snvzz 2 days ago | [–]

LibreSSL has put serious effort into making itself interchangeable with openssl.

OpenSSL as the incumbent has no incentive to do the same.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact