[Cryptography] LibreSSL unaffected by DROWN
Viktor Dukhovni
cryptography at dukhovni.org
Wed Mar 2 15:22:24 EST 2016
On Wed, Mar 02, 2016 at 10:26:50AM -0800, Henry Baker wrote:
> I'll put that right up there with "God could create the world in 7 days
> because he didn't have an installed base".
OpenSSL 1.0.x is a stable release with a stable ABI used on many
platforms for many diverse purposes. Therefore, changes in 1.0.x
are slower than is possible in a release than leaves compatibility
behind.
OpenSSL 1.1.0 (days away from beta), which does break compatibility
with 1.0.x, also removes SSLv2, and has many improvements that
LibreSSL does not. Neither is strictly better, there are surely
things that are better in LibreSSL than in OpenSSL 1.1.0.
Theo is an avid marketer, the reality is a bit more complex.
--
Viktor.
More information about the cryptography
mailing list