9 thoughts on “Heartbleed

  1. Is it? Serious question. I feel like it might be better than OpenSSL, but that’s not a high bar. It’s still written in C, though, with all the issues that involves.

  2. Why are you calling for an OpenSSL replacement to be written in Rust? Please elaborate.

  3. Rust is a language with, among other things, guaranteed memory safety. Entire classes of programming errors which have plagued C for decades are not possible by design in Rust. That’s the point, and that’s why Mozilla’s next-generation browser engine is going to be written in it. I am suggesting that we apply some of those excellent qualities to try and make an SSL library that doesn’t have buffer overruns, uninitialized variables, etc.

  4. And Rust is designed to make it be straightforward to write code that’s as fast as equivalent C++, which is important.

Leave a Reply

Your email address will not be published.