On 06/06/2014 12:47 PM, Eric Furman wrote: > > That's a valid opinion, but as I said, I doubt it. > Vendors aren't stupid. With all that has happened lately, > given a choice the switch will not take long. > > >> Given a choice, perhaps. But some will stick with OpenSSL only because >> they want the money given by FIPS certification. >> > This is a joke, right? I think you are sadly misinformed. > This is OPEN SOFTWARE. Vendors will choose the least problematic > software. > You are naive. > I think you underestimate the intelligence of SSL Vendors. > Free software is fantastic, we all benefit, but Vendors choose > the best solutions. Given the current circumstances > Libre.SSL WILL prevail. > > I HAD TO CHANGE MY PASSWORD AT ALL OF MY ONLINE BANKING ACCOUNTS! > THEY KNOW THAT OPENSSL IS SHIT! HOW LONG DO YOU THINK THEY WILL > CONTINUE TO USE SHITE FROM OPENSSL? > THEY ARE NOT STUPID! > Thank you
Let's say, I hope you are right and I am wrong. I don't believe in FIPS for cryptography, but commercial entities might have a hard time removing themselves from a market. BTW, in my country, for all banks I know, you need to enter an OTP for each transaction you do online.... As said: I hope you are right and I am wrong. [demime 1.01d removed an attachment of type application/pkcs7-signature which had a name of smime.p7s]
