So, I'm curious, if anyone has compiled (or wants to volunteer pieces of) a list of mistakes that developers make when using libopenssl (for SSL/TLS). I mean source code issues, not operational/evironmental/PKI.
If that's not available, I'm sure I can develop one from reading a well-written howto on how to use it... any subtleties that won't prevent it from working but will prevent it from being secure are valuable. But it'd be easier if I had the first list, not its complement. :-) -- http://www.subspacefield.org/~travis/ Any sufficiently advanced magic is indistinguishable from reality.
pgpcBIwQpUqJ4.pgp
Description: PGP signature
