varnish with ssl
Poul-Henning Kamp
phk at phk.freebsd.dk
Wed Apr 7 23:24:22 CEST 2010
In message <4BBCF598.8020201 at stillbilde.net>, "Svein Skogen (Listmail Account)"
writes:
>> 2. I have looked at the OpenSSL source code, I think it is a catastroph=
>e
>> waiting to happen. In fact, the only thing that prevents attackers
>> from exploiting problems more actively, is that the source code is
>> fundamentally unreadable and impenetrable.
>
>You mean to tell me they didn't read style(9)?
It is not so much the fact that they certainly didn't read style(9),
as the fact that openssl started out as a researchers tool to play
with crypto algorithms, and got a facelift and was suddenly everybodys
crypto implementation by default.
--
Poul-Henning Kamp | UNIX since Zilog Zeus 3.20
phk at FreeBSD.ORG | TCP/IP since RFC 956
FreeBSD committer | BSD since 4.3-tahoe
Never attribute to malice what can adequately be explained by incompetence.
More information about the varnish-misc
mailing list