📅 Original date posted:2015-07-29
📝 Original message:I believe the idea is to replace openSSL with
https://github.com/bitcoin/secp256k1 that Pieter and Greg spent quite
some time rigorously testing and have at this point better confidence
in than *SSL libraries.
I think the lessons learned from it as concluded by Pieter and Greg
are that openSSL and derivatives are not focussed on consensus
consistency, such that even if actively maintained and security
reviewed, their own bug fixes can break bitcoin.
Adam
On 29 July 2015 at 06:41, Mike Hearn via bitcoin-dev
<bitcoin-dev at lists.linuxfoundation.org> wrote:
>> This solved the vulnerability, and opens the door to using non-OpenSSL
>> signature verification in the near future.
>
>
> Great work!
>
> It also means the remaining usages of OpenSSL can be safely replaced with
> something like LibreSSL or (perhaps better) BoringSSL.
>
> _______________________________________________
> bitcoin-dev mailing list
> bitcoin-dev at lists.linuxfoundation.org
> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
>
Adam Back [ARCHIVE] /
npub1ac…lswfj
2023-06-07 15:43:40
in reply to nevent1q…eau3
Author Public Key
npub1ac86vemj7ce5z8jyxt39rna3tvwql6xd30ha3vxcd6esysp23d9qrlswfjPublished at
2023-06-07 15:43:40Event JSON
{
"id": "28a4f767d5452217fdf5915edfb574ecde35a94c520552fe79a1e621c20b42aa",
"pubkey": "ee0fa66772f633411e4432e251cfb15b1c0fe8cd8befd8b0d86eb302402a8b4a",
"created_at": 1686152620,
"kind": 1,
"tags": [
[
"e",
"8aa52b9fa27e6b8c9504da2dd91b409578812dfd55148386997b17e8db63aced",
"",
"root"
],
[
"e",
"d4b7d8e586c0aa16ea6f8320ca0d97aec096986fce7b8850eb7f39941962859e",
"",
"reply"
],
[
"p",
"f2c95df3766562e3b96b79a0254881c59e8639f23987846961cf55412a77f6f2"
]
],
"content": "📅 Original date posted:2015-07-29\n📝 Original message:I believe the idea is to replace openSSL with\nhttps://github.com/bitcoin/secp256k1 that Pieter and Greg spent quite\nsome time rigorously testing and have at this point better confidence\nin than *SSL libraries.\n\nI think the lessons learned from it as concluded by Pieter and Greg\nare that openSSL and derivatives are not focussed on consensus\nconsistency, such that even if actively maintained and security\nreviewed, their own bug fixes can break bitcoin.\n\nAdam\n\nOn 29 July 2015 at 06:41, Mike Hearn via bitcoin-dev\n\u003cbitcoin-dev at lists.linuxfoundation.org\u003e wrote:\n\u003e\u003e This solved the vulnerability, and opens the door to using non-OpenSSL\n\u003e\u003e signature verification in the near future.\n\u003e\n\u003e\n\u003e Great work!\n\u003e\n\u003e It also means the remaining usages of OpenSSL can be safely replaced with\n\u003e something like LibreSSL or (perhaps better) BoringSSL.\n\u003e\n\u003e _______________________________________________\n\u003e bitcoin-dev mailing list\n\u003e bitcoin-dev at lists.linuxfoundation.org\n\u003e https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev\n\u003e",
"sig": "c5b84f87ab2ad49785d776f67884756769cc2739864cf00d54a79e48c560562d9d3d560a8b6e0be3118a7df8deed175088223d82961ddafd5cecb75ce21bae17"
}