I believe the idea is to replace openSSL with https://github.com/bitcoin/secp256k1 that Pieter and Greg spent quite some time rigorously testing and have at this point better confidence in than *SSL libraries.
I think the lessons learned from it as concluded by Pieter and Greg are that openSSL and derivatives are not focussed on consensus consistency, such that even if actively maintained and security reviewed, their own bug fixes can break bitcoin. Adam On 29 July 2015 at 06:41, Mike Hearn via bitcoin-dev <bitcoin-dev@lists.linuxfoundation.org> wrote: >> This solved the vulnerability, and opens the door to using non-OpenSSL >> signature verification in the near future. > > > Great work! > > It also means the remaining usages of OpenSSL can be safely replaced with > something like LibreSSL or (perhaps better) BoringSSL. > > _______________________________________________ > bitcoin-dev mailing list > bitcoin-dev@lists.linuxfoundation.org > https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev > _______________________________________________ bitcoin-dev mailing list bitcoin-dev@lists.linuxfoundation.org https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
