Serious question: is it better to rewrite a library that's had a lot of implementation problems, or is it better to keep hardening OpenSSL?
@mtnygard Well, you know about Things You Should Never Do (Part I): joelonsoftware.com/articles/…
@stilkov Yep. Except when you should.
@mtnygard Right. But a security lib especially strikes me as the sort of thing that gets a lot of value from a decade or two of bug fixes
@stilkov I would _almost_ always agree, but for some opinions from people I respect who say OpenSSL is unsalvageable.
@mtnygard @stilkov coming late to the discussion - I don't think it's OpenSSL that's unsalvageable. I think it's TLS.
@olabini @mtnygard Why? Because of its reliance on centralized authorities? That would seem orthogonal to the code/impl discussion IMO.

Apr 12, 2014 · 2:57 PM UTC

@stilkov @mtnygard @abedra well, CAs are another problem. But the core of the problem is that TLS is actually very complex. That causes cruft
@olabini @mtnygard @abedra Agreed, complex protocols → implementations with more bugs. I’m not enough of a security person to judge TLS.