We're almost 5 years after Heartbleed. What is now the best SSL library to use? - forgot-my-pw
======
rurban
BoringSSL if you can, otherwise most projects still keep using openssl over
libressl. LibreSSL API changes were a bit too radical to be widely adopted,
and mbedtls or pornin's BearSSL is too different, though much better on recent
attacks.

I would summarize Google did a better job than the OpenBSD folks. Pornin's
BearSSL is also extremely good.

------
coding-columbo
I've used mbedtls for a few things but I don't see openssl going anywhere.

