No wonder its Juniper Co... great influence on FreeBSD... BearSSL vs LibreSSL:
Current version is 0.6. It is now considered beta-quality software.
The whole of BearSSL is published under the MIT License.
LibreSSL is a version of the TLS/crypto stack forked from OpenSSL in 2014.
License Apache License 1.0, 4-clause BSD license, ISC license, public domain.
Well
"All the code to do signature verification, fingerprint matching etc,
in fact the entire mini-veriexec for the loader adds only about 80K.
Last I looked at trying to achieve the same using OpenSSL - I gave up at
6M"
Don't know for sure if the same can be made with LibreSSL. Quite probably. If not - please share your knowledge.
Still, Juniper and FreeBSD for security purposes want to use probably very talented guys crypto project that's in beta. Great.
This will be in base but only in the /src tree.
Not built by default but another tool that can be used.
I look at it like all other tools in the /src/tools/ directory.
Some are rather dated and creaky. So a beta grade project that brings us secure boot process is better than no software whatsoever.
I am sure with time this project will mature.
My comments about LibreSSL were more focused on the nature.
LibreSSL is meant to be a drop in replacement for OpenSSL.
BearSSL has another focus.
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.
