Get the most out of your Centmin Mod LEMP stack
Become a Member

OpenSSL OpenSSL 1.1.1 Beta 2 released

Discussion in 'CentOS, Redhat & Oracle Linux News' started by buik, Apr 13, 2018.

Tags:
  1. buik

    buik Well-Known Member

    1,147
    304
    83
    Apr 29, 2016
    Ratings:
    +883
    Local Time:
    9:45 AM
    OpenSSL 1.1.1 Beta 2 released 9 days ago.
    /news/newslog.html
    Couldn't find a thread yet so is this a new one?:)
     
    • Like Like x 1
  2. eva2000

    eva2000 Administrator Staff Member

    41,095
    9,195
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +14,106
    Local Time:
    5:45 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    Yeah sort of ignored it now that TLS v1.3 drafts are out of sync with web browsers it's hard to get excited if you can't actually use it :LOL:
     
  3. buik

    buik Well-Known Member

    1,147
    304
    83
    Apr 29, 2016
    Ratings:
    +883
    Local Time:
    9:45 AM
    OpenSSL is out of sync for a long time. Partly. Therefore all those forks.:D
     
    • Agree Agree x 1
  4. buik

    buik Well-Known Member

    1,147
    304
    83
    Apr 29, 2016
    Ratings:
    +883
    Local Time:
    9:45 AM
    I must honestly admit that they are improving at OpenSSL.
    The question will be. Is it not too late?
    Never Say Never Again ;)
     
  5. eva2000

    eva2000 Administrator Staff Member

    41,095
    9,195
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +14,106
    Local Time:
    5:45 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    Well OpenSSL seems to have surpassed LibreSSL in terms of development :)
     
  6. buik

    buik Well-Known Member

    1,147
    304
    83
    Apr 29, 2016
    Ratings:
    +883
    Local Time:
    9:45 AM
    I can understand that both Google (BoringSSL) and Cloudflare (Lets say BoringFlare) have started their own project.
    I don't understand anything about LibreSSL.

    I don't understand that they don't just copy the code from OpenSSL and then just simply remove the In their view: 'weak code'.

    Now they bump behind the facts.
    For example still based on OpenSSL 1.0.1 with no support for dual cert.

    A simple and less time consuming solution is the one Red Hat implements.
    And that is simply disable features by patch code.
    So weak code is available but hard copy disabled (For example SSL3).

     
    Last edited: Apr 13, 2018
    • Agree Agree x 2