Episode Details

Josh and Kurt talk about the recent OpenSSL nothingburger. OpenSSL got everyone whipped into a frenzy over a critical vulnerability, then changed the severity to high. The correct solution to this whole problem is to stop using a TLS library written in C, we need to be using memory safe languages. Don't migrate from OpenSSL 1 to 3, migrate from OpenSSL 1 to Rustls.

Show Notes

• OpenSSL Blog Post
• OpenSSL pre-announcement
• Mark Cox Tweet 3.0 only affected
• GossiTheDog NDA Tweet
• Claims of a name and logo
• Rustls

Image Credit