Slashdot Mirror

← Back to Stories (view on slashdot.org)

OpenSSL 1.0.2 Released

Posted by timothy on from the early-days dept.

kthreadd writes The OpenSSL project has released its second feature release of the OpenSSL 1.0 series, version 1.0.2 which is ABI compatible with the 1.0.0 and 1.0.1 series. Major new features in this release include Suite B support for TLS 1.2 and DTLS 1.2 and support for DTLS 1.2. selection. Other major changes include TLS automatic EC curve selection, an API to set TLS supported signature algorithms and curves, the SSL_CONF configuration API, support for TLS Brainpool, support for ALPN and support for CMS support for RSA-PSS, RSA-OAEP, ECDH and X9.42 DH.

2 of 97 comments (clear)

  1. Re:libressl-2.1.3 by Anon+E.+Muss · · Score: 5, Insightful

    libressl is NOT portable. Supporting BSD and Linux is not the definition of "portable" (see also: "We play both types of music: Country and Western"). The libressl code depends on the non-standard #include_next preprocessor directive, so it can only build with GCC (and probably clang, which emulates many GCC-isms). Forget about building on Windows using Microsoft's C compiler.

    OpenSSL remains the only portable SSL library that can be used by both open source and commercial developers alike. Which is really a shame, because OpenSSL sucks. All the bad things the libressl people have said about OpenSSL are absolutely true.

    --
    The key sequence to access my Slashdot bookmark in Firefox is Alt-B-S. I don't believe this is a coincidence.
  2. Re:Do you really trust the OpenSSL Corporation? by Anonymous Coward · · Score: 5, Insightful

    Do you think the absence of documentation is due only to laziness?

    Yes. "Never attribute to malice that which can be explained by incompetence." Not every fuckup is a conspiracy.

    I don't know any programmers who like writing documentation. Start with that, and add that the OpenSSL code is complicated and poorly written, and it's no wonder the documentation is lacking.