| ▲ | dpeckett 8 hours ago | |
FWIW QUIC enforces TLS 1.3 and modern crypto. A lot smaller surface area and far fewer foot-guns. Combined with memory safe TLS implementations in Go and Rust I think it's fair to say things have changed since the heartbleed days. | ||
| ▲ | timschmidt 2 hours ago | parent | next [-] | |
> I think it's fair to say things have changed since the heartbleed days. The Linux Foundation is still funding OpenSSL development after scathing review of the codebase[1], so I think it's fair to say things haven't changed a bit. | ||
| ▲ | szundi 5 hours ago | parent | prev [-] | |
[dead] | ||