On Fri, Jun 6, 2014, at 07:28 AM, Maxime Villard wrote: > Le 06/06/2014 12:47, Eric Furman a écrit : > > > > On Fri, Jun 6, 2014, at 04:20 AM, Renaud Allard wrote: > >> On 06/06/2014 05:18 AM, Eric Furman wrote: > >>> On Thu, Jun 5, 2014, at 08:36 PM, Giancarlo Razzolini wrote: > >>>> Em 05-06-2014 21:23, David Goldsmith escreveu: > >>>>> Probably ipfilter > >>>>> > >>>>> > >>>> http://christopher-technicalmusings.blogspot.com/2009/03/switching-firewalls-from-ipf-to-pf-on.html > >>>>> > >>>> If it is indeed ipfilter, I don't think OpenSSL will have the same fate. > >>>> There is lots of money on it, and even more now, that the Linux > >>>> Foundation is funding them directly. I believe that LibreSSL and OpenSSL > >>>> will live alongside for a long time. > >>> > >>> That's a valid opinion, but as I said, I doubt it. > >>> Vendors aren't stupid. With all that has happened lately, > >>> given a choice the switch will not take long. > >>> > >>> > >> Given a choice, perhaps. But some will stick with OpenSSL only because > >> they want the money given by FIPS certification. > >> > > > > This is a joke, right? I think you are sadly misinformed. > > This is OPEN SOFTWARE. Vendors will choose the least problematic > > software. > > You are naive. > > Ah. > > > I think you underestimate the intelligence of SSL Vendors. > > Free software is fantastic, we all benefit, but Vendors choose > > the best solutions. Given the current circumstances > > Libre.SSL WILL prevail. > > > > I HAD TO CHANGE MY PASSWORD AT ALL OF MY ONLINE BANKING ACCOUNTS! > > THEY KNOW THAT OPENSSL IS SHIT! HOW LONG DO YOU THINK THEY WILL > > CONTINUE TO USE SHITE FROM OPENSSL? > > THEY ARE NOT STUPID! > > Thank you > > > > Because LibreSSL is bug-free? You think that in only 2 months LibreSSL > has > become the "least problematic" SSL software, and that everyone should use > this instead of the usual "OpenSSL shit"? > > You are trying to convince us that LibreSSL is secure, and that if > there's > a bug, it's because of OpenSSL. I just find it a bit too easy, especially > when most of the OpenSSL "shit" is included in LibreSSL. > > That, is great, naive joke. > > (and I'm not blaming LibreSSL) >
Sorry for the rant. I think you must have missed my original post. I claimed that "within a year" OpenSSL will be replaced. I said nothing about replacing it now or anytime very soon. LibreSSL is still a work in progress and when it is a finished product it may contain some of the same elements that are in OpenSSL, but that may not necessarily be true in the end. My point is that LibreSSL is being developed by the OpenBSD team. This team has a very long track record of producing very good code. Will there be no bugs in LibreSSL? I can't answer that question. But I will be confident that it will be superior to OpenSSL.
