|
|
|
|
|
|
by twitchyliquid64
3180 days ago
|
|
|
Guess you could say noise is pretty quiet xD +1 for trying to eliminate complexity from developer error. This was one of the worst cows in the herd for OpenSSL. That said, I think a bit of good design on the APIs part can go a long way. For Instance, I think Go's crypto/tls aint bad: Its pretty difficult to 'accidentally' configure it in a shocking configuration (suites have to be overridden, turning off verification requires you to set a field called InsecureNoVerify etc). |
|
|