

PHK: OpenSSL must die, for it will never get any better. - paulsmith
http://queue.acm.org/detail.cfm?id=2602816

======
notdonspaulding
Also worth watching is his FOSDEM talk where he was calling for this _before_
news of Heartbleed broke.

[https://www.youtube.com/watch?v=fwcl17Q0bpk](https://www.youtube.com/watch?v=fwcl17Q0bpk)

------
tedchs
It "must die", OR how about we stop adding features to the protocol that don't
belong in it, and then implementing them poorly? Note that people who were
running a "too old" version of OpenSSL were not affected by Heartbleed.

------
coldcode
Someone has to pay for something to be what he says. Maybe the almighty Google
or Facebook or Apple someone should fork over some bucks to support a
correctly constructed alternative. Open source may be "free" but building
something complex and correct is not free to build. Given that openssl had
about 2K donated per year it's really a hobby project. It's not like Linus
works on Linux while flipping hamburgers for a living.

~~~
phkamp
It's absolutely true, good programming costs money and somebody has to pay[1],
but given the amount of money floating through TLS protected connections, that
should be a solvable problem, once people realize it is there.

But I think the major problem with OpenSSL is that it never had anything
resembling architectural leadership: Things just got bolted on to the side and
hung from any convenient nail people could find.

PS: Yes, I wrote that piece.

[1] [https://www.varnish-cache.org/docs/trunk/phk/dough.html](https://www.varnish-cache.org/docs/trunk/phk/dough.html)

------
astral303
What about putting in effort into writing extensive test suites and fuzzing of
OpenSSL? This would allow a gradual refactoring effort to clean up the
nastiest bits.

~~~
josteink
> What about putting in effort into writing extensive test suites

Easier said than done. Writing test-suites for a codebase which never had a
test-suite is a million times harder than writing a test-suite for new, fresh
code.

In fact it's probably easier to start over than re-factoring the code to be
testable in the first place, but some people might argue that would be a wee
bit drastic. So not saying it can't be done, just that it does take a very
significant effort.

If anyone should still feel like doing something like this, I can very much
recommend the following book for advice and morale boost:

[http://www.amazon.com/gp/product/0131177052/ref=as_li_ss_tl?...](http://www.amazon.com/gp/product/0131177052/ref=as_li_ss_tl?ie=UTF8&camp=1789&creative=390957&creativeASIN=0131177052&linkCode=as2&tag=jostekjoni-20)

(Disclaimer: Affiliate link)

------
orkoden
There are enough alternatives already. It's true. We could all just move on.

------
rainmaking
Sounds a bit fatalistic, now that the OpenBSD folks seem to have come to the
rescue.

