Hanno Böck <ha...@hboeck.de> writes: >My impression of OpenSSL is that it has a strong tendency to ship "bloat", >i.e., features that either barely anyone needs, but that still get added ( >remember Heartbeat extension?), or that should've been deprecated long ago.
I think it's not so much the fault of OpenSSL per se but more that it ends up as the universal guinea pig for anything a third party wants to play with. I don't know how many research papers I've read presenting some whiz-bang clever idea that says something like "we modified OpenSSL x.yz to add ...". One possible solution would be to have an experimental version of OpenSSL that everyone can play with alongside the production version that minimises clever ideas. Peter.
