|
|
|
|
|
|
by jacques_chester
4830 days ago
|
|
|
OK, TLS is complex. But a lot of that is due to its configurability. How would you have fared if you'd picked a simpler TLS library (PolarSSL, for example, is meant to be embedded) and then simply defined a single ZeroMQ configuration profile and said "that's it, that's all we're going to support"? |
|
|
...and as many have noted, that configurability is the root of a lot of security problems.
The pick one approach and say, "that's all we're going to do" might be one way to solve the problem. I'm not sure it'd be any better.