On 6/30/22 23:17, David C. Rankin via arch-general wrote:
...
Not to mention the security problems with it:
OpenSSL 3.0.5 awaits release to fix potential worse-than-Heartbleed flaw
Thanks for bringing that up David.
I am wondering if some folks might be leaning toward libressl, which at
least did not (appear to) have the last few security issues that openssl
suffered? Of course Theo de Raadt, who is driving libressl, was key in a
similar effort with openssh. However, I suspect libressl, lacking FIPS
support, will not gain sufficient traction - but who knows.
gene
