On Wed, Aug 19, 2015 at 12:58:38PM -0700, Alice Wonder wrote:
> ``You also turn on thousands and thousands of lines of OpenSSL library code.
> Assuming that OpenSSL is written as carefully as Wietse's own code, every
> 1000 lines introduce one additional bug into Postfix.''
>
> We now know OpenSSL has not been written as carefully as Postfix. LibreSSL
> removed a lot of needless code and has cleaned up a lot of what was left.
Yes, but LibreSSL is just a fork, with mostly the same real issues.
Real work is happening upstream to improve the internals, not just
remove non-mainstream features. I don't see a compelling reason
to use LibreSSL if you're not on OpenBSD. I see successful marketing
with not much substance underneath.
If they really wanted to make a difference, they'd send patches,
not fork the project. I've seen very little by way of upstream
contributions.
--
Viktor.
