Em 07-06-2014 03:38, Maxime Villard escreveu: > But the devs preferred to fork and now blame people. So, no, I don't > think LibreSSL will prevail, simply because it has - and will have - > nothing new and because it has no credibility. You should really take a look at the source code. If you're simply lazy, then take a look at the cvsweb: http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libssl/src/
This wasn't simple code deletion. They normalized the code with KNF. There were some new ciphers introduced. Lots of memory issues that OpenSSL has were and still are being solved. LibreSSL as it is now is already better than OpenSSL, by the simple fact that it has *less* code than it, so it has *less* bugs. It is possible some bugs were introduced by the changes? Probably. Time will tell. But if you take a look at OpenBSD's security track record, I willing to say that it will have few. The simple fact that they KNF'ed the code makes it easier for other people to read and find bugs. If you're not on tech@ then you don't know that this already happened, not just once, but several times in the past weeks. You should do your homework. Cheers, -- Giancarlo Razzolini GPG: 4096R/77B981BC
