Em 06-06-2014 10:55, Dan Becker escreveu: > As a simple user who influences these decisions in deployments, I can > tell you my desire is to ssh tunnel all my openssl connections until > the guys who make SSH finish fixing ssl. > > Look at SSH's track record compared to OpenSSL. > > It's not practical but that is my desire :) And how tunneling your ssl connections through ssh, helps you? The heartbleed bug was both server and client side. These new bugs from yesterday, some of them are both server and client side. Tunneling your ssl connections with ssh isn't going to help you. Yes, the OpenSSH track record is way better than OpenSSL's. I might be wrong, and I hope to be. But I suspect it will be a bumpy ride for a while using either LibreSSL or OpenSSL. OpenSSL will be hopefully bumpier than LibreSSL's.
Cheers, -- Giancarlo Razzolini GPG: 4096R/77B981BC
