On Oct 24, 2016, at 2:16 PM, Joerg Sonnenberger <jo...@bec.de> wrote:
>
> On Mon, Oct 24, 2016 at 09:56:45AM -0600, Warren Young wrote:
>> The only common exception is this recent trend of replacing old,
>> bloated software that grew organically over decades with well-focused
>> fresh alternatives. (e.g. BIND vs nsd/unbound, LibreSSL vs OpenSSL,
>> Postfix vs Sendmail, etc.)
>
> Bad examples. BIND was rewritten from scratch on a regular basis

Really? The only time BIND was ever completely rewritten to my knowledge was for BIND 9, which is now 16 years old. nsd is a couple of years younger than that, and unbound is about half that age.

More to the point, nsd + unbound still isn’t as functional as BIND 9, meaning there are fewer places for bugs to hide.

> LibreSSL doesn't fix any of the fundamental issues of OpenSSL

It fixes at least one, being that OpenSSL had turned into a kind of crypto dumping ground, so that the library supports virtually every weird crypto idea that’s ever been tried out around the SSL space for the past couple of decades. LibreSSL strips a whole lot of that out, so that it only supports modern TLS, no legacy SSL or nonstandard extensions, and then only the parts that are currently well-regarded, so that a program linked against it is not vulnerable to any of the bugs in those rarely-used parts of OpenSSL.

There have been cases where a program linked against OpenSSL was vulnerable but not when linked to LibreSSL:

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3566
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3567

If you simply mean that there is a certain amount of horridness to the OpenSSL API and that LibreSSL shares this, then yes, that is true. The only fix is a redesign, which means you break compatibility with all the programs that currently depend on OpenSSL or LibreSSL. Ideally, LibreSSL is just a bridge to something better, but knowing the way software inertia works, I wouldn’t bet on us getting to that something-better any year soon.

> Postfix is more secure than (old) sendmail due to a different
> architecture. :)

Yes, Postfix is a pile of much smaller cooperating programs rather than a monolithic program as with sendmail, each of which may be debugged and privilege-separated from the rest, which is exactly my point. (“…well-focused fresh alternative…”)

_______________________________________________
fossil-users mailing list
fossil-users@lists.fossil-scm.org
http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users