Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

The code is openly sourced, developed, and tested. It, like privately sourced, developed and tested code contains bugs. Since you are casting the stones, am i to assume code you have been around is free of these eventualities?


What I'm saying is that we should be looking at (open) alternatives to OpenSSL, like GnuTLS for example.

It's not about open vs closed or "all code has bugs", it's about the OpenSSL project needing to rethink their security strategy and general guidance.


GnuTLS does not use an acceptable license. Apache/BSD/MIT please. It's the only way you'll find it replacing OpenSSL everywhere.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: