Michael Nygard · Apr 7, 2014 · 9:30 PM UTC

Michael Nygard @mtnygard

7 Apr 2014

Serious question: is it better to rewrite a library that's had a lot of implementation problems, or is it better to keep hardening OpenSSL?

Stefan Tilkov · Apr 7, 2014 · 9:42 PM UTC

Stefan Tilkov · Apr 7, 2014 · 9:42 PM UTC

Stefan Tilkov @stilkov

7 Apr 2014

Replying to @mtnygard

@mtnygard Well, you know about Things You Should Never Do (Part I): joelonsoftware.com/articles/…

Apr 7, 2014 · 9:42 PM UTC

Michael Nygard · Apr 7, 2014 · 9:43 PM UTC

Michael Nygard @mtnygard

7 Apr 2014

Replying to @stilkov

@stilkov Yep. Except when you should.

Stefan Tilkov · Apr 7, 2014 · 9:45 PM UTC

Stefan Tilkov @stilkov

7 Apr 2014

@mtnygard Right. But a security lib especially strikes me as the sort of thing that gets a lot of value from a decade or two of bug fixes