varnish with ssl

Poul-Henning Kamp phk at
Wed Apr 7 23:24:22 CEST 2010

In message <4BBCF598.8020201 at>, "Svein Skogen (Listmail Account)"

>> 2. I have looked at the OpenSSL source code, I think it is a catastroph=
>>    waiting to happen.  In fact, the only thing that prevents attackers
>>    from exploiting problems more actively, is that the source code is
>>    fundamentally unreadable and impenetrable.
>You mean to tell me they didn't read style(9)?

It is not so much the fact that they certainly didn't read style(9),
as the fact that openssl started out as a researchers tool to play
with crypto algorithms, and got a facelift and was suddenly everybodys
crypto implementation by default.

Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk at FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.

More information about the varnish-misc mailing list