the Apple curl security incident 12604 | daniel.haxx.se (daniel.haxx.se)
from mesamunefire@lemmy.world to technology@lemmy.world on 09 Mar 2024 22:28
https://lemmy.world/post/12934171

#technology

macgyver@federation.red on 09 Mar 2024 23:39

LibreSSL is the fucking bane of my existence at work. So many issues caused by the keys it spits out vs others.

Illecors@lemmy.cafe on 10 Mar 2024 15:51

Never had the chance to seriously look into LibreSSL. Do you think it would work fine if most of the world was running it rather than OpenSSL?

macgyver@federation.red on 10 Mar 2024 16:32

Probably so, but Apple is the only one I’ve encountered actually using it. The whole point is it’s supposed to be backwards compatible and it’s just not.

rottingleaf@lemmy.zip on 11 Mar 2024 06:43

If you meant that they’ve dropped plenty of OpenSSL functionality - well, the whole purpose of the fork was to refactor it into something less scary. And since it was done by OpenBSD people - they have their own approach, not always culturally compatible with enterprise usage.

oDDmON@lemmy.world on 10 Mar 2024 00:04

TL;DR?

> The problem is strictly speaking not even in curl code. It comes with the version of LibreSSL that Apple ships and builds curl to use on their platforms.

But because they’re Apple (right next to the Pope, for infallibility), they know best; same old story, rinse’n’repeat.

Really liked their stuff back in the day. Now? It’s another walled garden they scrabble to maintain.

sepi@piefed.social on 10 Mar 2024 05:15

You know, Steve Jobs used to be a huge jerk. Then he passed away.

Plague_Doctor@lemmy.world on 10 Mar 2024 14:45

Oh it’s so much worse than that. Part One Part Two

PipedLinkBot@feddit.rocks on 10 Mar 2024 14:45

Here is an alternative Piped link(s):

Part One

Part Two

Piped is a privacy-respecting open-source alternative frontend to YouTube.

I’m open-source; check me out at GitHub.

Plague_Doctor@lemmy.world on 10 Mar 2024 14:59

Thank you Piped bot.

tsonfeir@lemm.ee on 10 Mar 2024 05:53

What day was it that you liked their stuff, and what made you stop?

smegforbrains@lemmy.ml on 10 Mar 2024 06:44

Apple adheres to the principle of form over function, instead of the old but still valid "form follows function" design principle. But TBH I never liked their stuff or their over-the-top big cheese attitude. So it’s not a disgruntled Apple user writing this.

tsonfeir@lemm.ee on 10 Mar 2024 08:42

Okay? Thanks for your… participation?

BrownianMotion@lemmy.world on 10 Mar 2024 07:04

Anyone still using LibreSSL and not OpenSSL has only themselves to blame. Or their company or whoever is forcing it on them.

rottingleaf@lemmy.zip on 10 Mar 2024 08:40

Seems from the article that LibreSSL is fine, it’s about Apple patches to it.

0x0@programming.dev on 11 Mar 2024 17:39

OpenBSD forked OpenSSL due to Heartbleed. OpenBSD developers are generally regarded as quite on top of their game when it comes to security, so why the “still using LibreSSL” FUD?

0x0@programming.dev on 11 Mar 2024 17:41

You can follow curl’s lead developer on Mastodon: @bagder@mastodon.social, seems like a very reasonable guy.