Am 02.09.2016 um 20:50 schrieb Leo Famulari:
> On Fri, Sep 02, 2016 at 08:01:55PM +0200, Hartmut Goebel wrote:
>> Am 02.09.2016 um 16:49 schrieb Leo Famulari:
>>> +    (name "acme-client")
>>>
> Suggestions?

acme-client-openbsd? But given that this is a stupid name, and given
that
https://www.metachris.com/2015/12/comparison-of-10-acme-lets-encrypt-clients/
does not list a program with this name, may we should stick with the
official name.


>
>> *shiver* Why would one implement this in an language like C, which is
>> prone to buffer overflows, if there are implementations available in
>> more secure languages?
> I wouldn't propose this package if it wasn't part of OpenBSD's base
> system:

I'm sorry, no offence meant! I only wanted do express my doubt about
using C if other implementations are available. (I just had a look at
the source, which did not make me more confident in this piece of
software; as far as can see they implement a  a http-client from stretch
and include a json-parse instead of linking one.) I also know, OpenBSD
delivers good software.

It's not our job to decide what software a sysadmin should install. It's
the sysadmin's responsibility. Our job as distribution-builders is to 
provide software to the sysadmin.

-- 
Schönen Gruß
Hartmut Goebel
Dipl.-Informatiker (univ), CISSP, CSSLP, ISO 27001 Lead Implementer
Information Security Management, Security Governance, Secure Software
Development

Goebel Consult, Landshut
http://www.goebel-consult.de

Blog: http://www.goebel-consult.de/blog/verschlusselte-mailingslisten
Kolumne: http://www.cissp-gefluester.de/2010-07-passwoerter-lieben-lernen

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Reply via email to