Comment by dpeckett
8 hours ago
FWIW, QUIC enforces TLS 1.3 and modern crypto. A lot smaller surface area and far fewer foot-guns. Combined with memory-safe TLS implementations in Go and Rust, I think it's fair to say things have changed since the Heartbleed days.
> I think it's fair to say things have changed since the Heartbleed days.
The Linux Foundation is still funding OpenSSL development after a scathing review of the codebase[1], so I think it's fair to say things haven't changed a bit.
1: https://www.openbsd.org/papers/bsdcan14-libressl/