> On Jan 28, 2022, at 11:53 AM, Laura Smith
> <n5d9xq3ti233xiyif...@protonmail.ch> wrote:
>
> ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
>
>> On Friday, January 28th, 2022 at 14:43, dansk puffer
>> <danskpuf...@outlook.com> wrote:
>>
>> Are there any major security differences between libressl and openssl
>> nowadays? From what I read the situation for openssl improved and some Linux
>> distros switched back to openssl again with mostly? OpenBSD remaining to use
>> libressl.
>
> For me at least, my main beef with Libressl is that it has seemingly mostly
> achieved its security posture by removing functions.
>
> Unfortunatley the functions removed are not obscure ones, but more common
> ones such as, IIRC, various very useful certificate and PKCS11 related
> functions.
>
Not to be rude, but you obviously don’t know anything about how code security
works.
The less code surface area that attackers have to play with, the safer you are.
It is mathematically proven.
Now, removing code that had known quality and cultural SDLC issues that prevent
the code from being secure, yes, I’m absolutely for removing that crap from the
face of the earth.
If nobody else joins us, who gives a shit.
