[raro11]

I don't know anything, but chuckled because of today's news: https://news.ycombinator.com/item?id=33380500

[nicce]

Impact of the bugs in OpenSSL are so significant, that they always end up in to the news. BearSSL is still a quite little project compared to it, and because of that no CVE:s are being made if the author finds a bug by themself from his own code.

On the other hand, every bug in OpenSSL gets CVE mark and will end up into the news. It gives distorted view and comparison of the software quality between many projects.

[snvzz]

Which of course doesn't affect libressl.

I still can't comprehend how the industry didn't simply move to libressl early on.