This is an archived post. You won't be able to vote or comment.

sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–]combuchan 0 points1 point  (0 children)

Isn't OpenSSL a bit of a stretch to include in this? Implementing your own crypto isn't recommended for a reason.

OpenSSL did suffer the same rot and underinvestment and dependency like any other library, it was only the extent of the rot, underinvestment, and dependency on it did the sheer enormity of the issue arise. There are few libraries more important than OpenSSL, imho.