On Fri, Oct 26, 2012 at 3:38 PM, Andy Isaacson <[email protected]> wrote:
> On Fri, Oct 26, 2012 at 06:29:47PM +0000, John Case wrote:
>> So, given what is in the stanford report and then reading this rant
>> about openssl, I am wondering just how bad openssl is ? I've never
>> had to implement it or code with it, so I really have no idea.
>>
>> How long has it been "understood" that it's a mess (if it is indeed
>> a mess) ? How dangerous is it ?
>>
>> It looks like the rant was published in 2009 ....
>
> "Bad" is such a subjective measurement.
>
> OpenSSL is very very hard for a non-expert to code against. It's hard
> to figure out what interfaces you should use, what interfaces are well
> tested, what interfaces are known to be unsafe, and what interfaces are
> buggy but can be used safely with careful coding. It's fairly easy to
> accidentally disable security critical codepaths in the process of
> iterative "hmm that doesn't quite work, the docs are unclear, maybe this
> is a bug in my code or maybe a bug in OpenSSL?" that is a normal part of
> software development. If you need to implement anything even slightly
> different from what was expected by the authors.

OpenSSL gets a lot of critiques for its documentation (or lack thereof), but there is [at least] one exception: the FIPS User Guide and Security Policy. Both are well written and full of technical details.

Jeff
_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography
