[__david__]

Interesting, I had no idea the changes that were happening to OpenSSL. It's sad that it took Heartbleed to kick it in the butt, but it's heartening that they appear to be heading in a better direction now.

I'm also curious how LibreSSL is doing—I haven't heard much about it lately. Did it fizzle, or is it still making good progress?

[Leynos]

LibreSSL is part of the OpenBSD base system, and that is their primary target AIUI. They also maintain a portable version with support for a wider range of operating systems.

There's a good summary of LibreSSL's track record over the past two years in comparison with OpenSSL on the LibreSSL Wikipedia page (https://en.wikipedia.org/wiki/LibreSSL#Security_and_vulnerab...).

There was also news a few days ago (https://news.ycombinator.com/item?id=12691733) that Alpine Linux is adopting LibreSSL Portable in place of OpenSSL.