Le 07/06/2014 05:41, Eric Furman a écrit : > > On Fri, Jun 6, 2014, at 07:28 AM, Maxime Villard wrote: >> Le 06/06/2014 12:47, Eric Furman a écrit : >>> >>> On Fri, Jun 6, 2014, at 04:20 AM, Renaud Allard wrote: >>>> On 06/06/2014 05:18 AM, Eric Furman wrote: >>>>> On Thu, Jun 5, 2014, at 08:36 PM, Giancarlo Razzolini wrote: >>>>>> Em 05-06-2014 21:23, David Goldsmith escreveu: >>>>>>> Probably ipfilter >>>>>>> >>>>>>> >>>>>> http://christopher-technicalmusings.blogspot.com/2009/03/switching-firewalls-from-ipf-to-pf-on.html >>>>>>> >>>>>> If it is indeed ipfilter, I don't think OpenSSL will have the same fate. >>>>>> There is lots of money on it, and even more now, that the Linux >>>>>> Foundation is funding them directly. I believe that LibreSSL and OpenSSL >>>>>> will live alongside for a long time. >>>>> >>>>> That's a valid opinion, but as I said, I doubt it. >>>>> Vendors aren't stupid. With all that has happened lately, >>>>> given a choice the switch will not take long. >>>>> >>>>> >>>> Given a choice, perhaps. But some will stick with OpenSSL only because >>>> they want the money given by FIPS certification. >>>> >>> >>> This is a joke, right? I think you are sadly misinformed. >>> This is OPEN SOFTWARE. Vendors will choose the least problematic >>> software. >>> You are naive. >> >> Ah. >> >>> I think you underestimate the intelligence of SSL Vendors. >>> Free software is fantastic, we all benefit, but Vendors choose >>> the best solutions. Given the current circumstances >>> Libre.SSL WILL prevail. >>> >>> I HAD TO CHANGE MY PASSWORD AT ALL OF MY ONLINE BANKING ACCOUNTS! >>> THEY KNOW THAT OPENSSL IS SHIT! HOW LONG DO YOU THINK THEY WILL >>> CONTINUE TO USE SHITE FROM OPENSSL? >>> THEY ARE NOT STUPID! >>> Thank you >>> >> >> Because LibreSSL is bug-free? You think that in only 2 months LibreSSL >> has >> become the "least problematic" SSL software, and that everyone should use >> this instead of the usual "OpenSSL shit"? >> >> You are trying to convince us that LibreSSL is secure, and that if >> there's >> a bug, it's because of OpenSSL. I just find it a bit too easy, especially >> when most of the OpenSSL "shit" is included in LibreSSL. >> >> That, is great, naive joke. >> >> (and I'm not blaming LibreSSL) >> > > Sorry for the rant. > I think you must have missed my original post.
I didn't. > I claimed that "within a year" OpenSSL will be replaced. > I said nothing about replacing it now or anytime very soon. > LibreSSL is still a work in progress and when it is a finished product > it may contain some of the same elements that are in OpenSSL, but > that may not necessarily be true in the end. > My point is that LibreSSL is being developed by the OpenBSD team. > This team has a very long track record of producing very good code. > Will there be no bugs in LibreSSL? I can't answer that question. > But I will be confident that it will be superior to OpenSSL. > What gives LibreSSL more credibility? There's almost nothing new or innovative in it; it's just a cleaned up copy of OpenSSL. There might be some changes in the future, but you can be sure that LibreSSL will lag behind OpenSSL - and most of the code will remain the same. Contributing code upstream would have been a way more productive approach; it would have given a better image of the OpenBSD team, more credibility, and people would have been tempted to look deeper at what those guys do, to then figure out that these things are potentially good products. But the devs preferred to fork and now blame people. So, no, I don't think LibreSSL will prevail, simply because it has - and will have - nothing new and because it has no credibility. (And I also think that no one gives a fuck about this discussion, so I suggest we stop here, or continue offlist)
