Welcome to Centmin Mod Community
Become a Member

OpenSSL OpenSSL 1.1.1 Beta 2 released

Discussion in 'CentOS, Redhat & Oracle Linux News' started by bassie, Apr 13, 2018.

Tags:
  1. bassie

    bassie Active Member

    804
    190
    43
    Apr 29, 2016
    Ratings:
    +569
    Local Time:
    3:33 PM
    OpenSSL 1.1.1 Beta 2 released 9 days ago.
    /news/newslog.html
    Couldn't find a thread yet so is this a new one?:)
     
    • Like Like x 1
  2. eva2000

    eva2000 Administrator Staff Member

    33,668
    7,456
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +11,461
    Local Time:
    11:33 PM
    Nginx 1.13.x
    MariaDB 5.5
    Yeah sort of ignored it now that TLS v1.3 drafts are out of sync with web browsers it's hard to get excited if you can't actually use it :LOL:
     
  3. bassie

    bassie Active Member

    804
    190
    43
    Apr 29, 2016
    Ratings:
    +569
    Local Time:
    3:33 PM
    OpenSSL is out of sync for a long time. Partly. Therefore all those forks.:D
     
    • Agree Agree x 1
  4. bassie

    bassie Active Member

    804
    190
    43
    Apr 29, 2016
    Ratings:
    +569
    Local Time:
    3:33 PM
    I must honestly admit that they are improving at OpenSSL.
    The question will be. Is it not too late?
    Never Say Never Again ;)
     
  5. eva2000

    eva2000 Administrator Staff Member

    33,668
    7,456
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +11,461
    Local Time:
    11:33 PM
    Nginx 1.13.x
    MariaDB 5.5
    Well OpenSSL seems to have surpassed LibreSSL in terms of development :)
     
  6. bassie

    bassie Active Member

    804
    190
    43
    Apr 29, 2016
    Ratings:
    +569
    Local Time:
    3:33 PM
    I can understand that both Google (BoringSSL) and Cloudflare (Lets say BoringFlare) have started their own project.
    I don't understand anything about LibreSSL.

    I don't understand that they don't just copy the code from OpenSSL and then just simply remove the In their view: 'weak code'.

    Now they bump behind the facts.
    For example still based on OpenSSL 1.0.1 with no support for dual cert.

    A simple and less time consuming solution is the one Red Hat implements.
    And that is simply disable features by patch code.
    So weak code is available but hard copy disabled (For example SSL3).

     
    Last edited: Apr 13, 2018
    • Agree Agree x 2
..