Frankly I've never liked man pages. To me they always screamed "This is how documentation was done in the 90s." The examples are often very unclear or incomplete, and the explanations often assume prior knowledge without providing links in case such knowledge is absent.

Modern documentation has gotten way better, as seen in the Stripe docs and many others, and I wish the man pages could be updated accordingly.
"For instance it doesn't have everything you need to validate certificates..."

Yet it has all the CA crap thrown in, via the overloaded openssl binary. As "examples". And according to the documentation, not even "correct" illustrations of how libssl should be used.

Encryption and authentication are two separate problems.

Just because you figured out a way to encrypt a message does not mean you have also figured out how to send it to only the correct recipient... over an insecure network. (Insecure not only in the sense of "plaintext" but in the sense that you are not in control of much of anything: routing, PKI infrastructure, etc.)

It seems to me that one would want to solve the authentication problem *first*, and then move on to encryption.

This comment shows that for proponents of using SSL on the *public* web, it's been the other way around. Authentication was never sorted out.

When it comes to *authentication*, all due respect to the OpenSSL authors, SSH has provided a better attempt at a solution than any implementation of PKI using SSL/TLS.

And one more thing: how many ciphers does a user really need? As we've heard time and again, many of them are not even "safe" to use. Some of the alternative SSL libraries have wisely removed them. But I guess OpenSSL is append only?
OpenSSL is pretty bad. After reading about some of the stuff that led to the LibreSSL fork, I wouldn't trust it with my lunch money. Sure, the algorithms are good, but as far as the code's concerned, Heartbleed was the tip of the iceberg.
The "experts writing it for themselves" part seemed inaccurate given what I read in LibreSSL commits. It was one atrocity after another. Still love Ted Unangst's observation about them making sure the endianness of the CPU doesn't change while the protocol is running. Just can't remember how often that check was performed.

"Experts"... lol...
If you think OpenSSL is bad, try MIRACL (the only documentation I could find is a Word file that's basically a list of function signatures). And OpenSSL at least generally builds fine on a vanilla Ubuntu machine.

In contrast, libsodium deserves praise for writing documentation like they want people to actually use their library.
OpenSSL dates from a time when security was mostly of low importance. (Not that things have really changed that much. IoT, I'm looking at you.)

Shock horror, it shows.

I find it really quite painful that no one seems to be taking this as seriously as it deserves.

The cost must be literally hundreds of billions a year now of electronic crime, simply because we have been denied secure communications from day 1.