What benefits will I receive, if I use LibreSSL vs OpenSSL?

896    Asked by ankur_3579 in SQL Server , Asked on Jan 6, 2022

What are the main advantages of using LibreSSL vs OpenSSL?I understood via a blog that LibreSSL is a fork of OpenSSLLibreSSL is a version of the TLS/crypto stack forked from OpenSSL in 2014, with goals of modernizing the codebase, improving security, and applying best practice development processes. Is this library widely used? Why would server administrators choose LibreSSL over OpenSSL?

Answered by Andrea Bailey

Some highlights of why LibreSSL is used more when compared to OpenSSL:


  • It replaces OpenSSL on OpenBSD, OS X since 10.11 and on some other systems.
  • It started with throwing away lots of stuff which was considered useless for the target platforms or insecure by design and it also added some more secure defaults.
  • The result of this is that from the 6 critical vulnerabilities in OpenSSL since the fork none affected LibreSSL.
  • Why would server administrators choose LibreSSL from LibreSSL vs OpenSSL? 
If anybody cares about security or wants to better sleep at night and not care about the next OpenSSL vulnerability the choice should be clear.


Your Answer

Interviews

Parent Categories