Project direction

Christian Heinrich christian.heinrich at cmlh.id.au
Mon Nov 2 03:24:38 UTC 2020


Dr Dale,

On Fri, 30 Oct 2020 at 10:45, Dr Paul Dale <paul.dale at oracle.com> wrote:
> The question was should we design our APIs to ease the pain existing
> users of OpenSSL or should we be trying to attract new users.
> The idea being that supporting existing users means not changing the
> existing API, whereas catering to new users means working towards
> a new fresh consistent API.

As far as I am aware the competition isn't much better than us ¯\_(ツ)_/¯

"LibreSSL was great as alternative when Heartbleed first emerged, but
LibreSSL development has lagged way behind OpenSSL to the point that
OpenSSL 1.1.1 is miles ahead of LibreSSL in performance" to quote
https://community.centminmod.com/threads/openssl-or-libressl-in-mid-2020.19810/

"There are no guarantees of API or ABI stability with this code: we
are not aiming to replace OpenSSL as an open-source project." to quote
https://www.chromium.org/Home/chromium-security/boringssl

Maybe we should define the problems that new end users experience
during onboarding instead and address those first?


--
Regards,
Christian Heinrich

http://cmlh.id.au/contact


More information about the openssl-project mailing list