[cryptography] Just how bad is OpenSSL ?

Ben Laurie ben at links.org
Tue Oct 30 07:24:42 EDT 2012


On Tue, Oct 30, 2012 at 11:17 AM, Peter Gutmann
<pgut001 at cs.auckland.ac.nz> wrote:
> Ben Laurie <ben at links.org> writes:
>
>>Apparently you think the best way to get a secure platform is to apply
>>pressure through pointless security standards.
>
> I think that's a bit of an extreme comment on FIPS 140.  For one thing it
> makes for a great measure of how desperate a vendor is to get onto the US
> government procurement gravy train, so it does have some value.

How can it be a great measure of that when OpenSSL has FIPS 140?



More information about the cryptography mailing list