Arnt Gulbrandsen
About meAbout this blog

Too much hate for my taste

All the hate against openssl at the moment makes me sick. Yes, it was a bad bug, and yes, the API is frustrating. Still, it reminds me of an episode at, I think, Linux-Kongress in Cologne in 2002, and it is not a pleasant memory.

I wasn't wearing any badge, and hadn't been to many linux events in the eighteen months since I left Trolltech, so some people had forgotten how I look. Including one person, who talked at length about how evil Trolltech was. About 20% accurate facts, 30% lies and 50% opinion, and the opinion wasn't favourable. He also mentioned me specifically, with me standing slightly more than one meter to his side. He might not know how I looked, but he certainly could talk about my thoughts and intentions.

Haters gonna hate, I suppose, but it was deeply dispiriting all the same. I haven't been to Linux-Kongress since.


Switching to OpenSSL

Archiveopteryx uses OpenSSL by default starting with version 3.1.3. Sadly, it runs noticeably better than with Cryptlib.

Compatibility with other TLS stacks is clearly better. (more…)


Cryptlib in a sea of OpenSSL

Archiveopteryx uses Cryptlib. Still. It's good code, and Abhijit and I trust Peter. Almost everyone else on the planet uses OpenSSL. A few outcasts use something that shares code with OpenSSL, such as GnuTLS or SSLeay (why do these people all have a MiXEDcaps fetish?), and there's an even smaller lot that uses cryptlib, matrixssl etc.

Naturally, there are interoperability issues. There always are, (more…)