[masklinn]

> Isn't that largely because the LibreSSL team refused the invite to the exclusive OpenSSL security list?

Would you have a source for that? And for their reasoning behind it? Was "last time" poodle or something else?

edit: in the sister thread[0] rlpb suggests the point of contention is that OpenSSL embargoes but Theo/OpenBSD (and thus libressl) does not take part in embargoes (and other issues including Theo being Theo), linking to http://lwn.net/Articles/601958/ as supporting evidence, which looks to cover just about all grounds.

[0] https://news.ycombinator.com/item?id=9217022

[rlpb]

Story, with sources, at: http://lwn.net/Articles/601958/

They were asked to join the distros list, and they declined.

[masklinn]

Yep, found it just a few minutes ago and added it as an edit to the original comment. Thanks a lot.

[acqq]

> Was "last time" poodle or something else?

Excuse me please, I see you are emotional about the issue but I don't think it's the good way to discuss it. Asking for the source for the claim is OK, this however...

[masklinn]

> Excuse me please, I see you are emotional about the issue […] Asking for the source for the claim is OK, this however...

Uh what? I was just providing a relatively recent issue which IIRC libressl was also affected by as a possible candidate (turns out the issue in question is much older and not a "named vulnerability")