[vaxdigitalnh]

That's my main problem with OpenSSL: it tries to be so much more than SSL (despite it's name), and with all that extra functionality comes more responsibility, e.g. a much higher auditing burden.

OpenSSL is an impressive amount of work that has a long history, but for some purposes, it seems needlessly large and complex.

Reminds me of when OpenBSD wrote openntpd. The ntpd folks felt the need to criticise the project because it tried to simplify things a little, and left out much of the functionality (and complexity) added to ntpd over the years.

Overall, unless I am the one who has written something and thus understands how it is constructed from the ground up, I find smaller amounts of code (e.g. as standalone modules) easier to work with than larger ones.

Massive, integrated projects with huge amounts of code seem very popular, and I often wonder if I am alone in my appreciaton and preference for smaller standalone chunks of code.