TechEcho

Starting over with...SSLRef?

2 points by ahadden about 11 years ago

Back in the late 90s I worked on a project that needed secure communication. At the time, our reasonable choices were SSLeay or SSLRef. SSLeay was the precursor to today's OpenSSL and obviously free. SSLRef was a commercially available library and cost around $30K to license for commercial applications. We chose SSLRef because we were concerned how our potential customers would react to having an open source secure communications implementation. Years later we switched to use OpenSSL. Kind of ironic, but not the point here.

Anyway, the point of this is that I remember SSLRef being decent code. Debugging it was fairly simple and it had a pretty good structure, which is very different from SSLeay/OpenSSL. This makes me wonder if it could serve as the basis for a replacement for OpenSSL.

It looks like Apple uses SSLRef in some capacity and the source code is available at http://www.opensource.apple.com/source/Security/Security-30.1/SecureTransport/

To be clear, I understand that the license of this code is a problem (perhaps the current copyright holder could donate it?). I also understand that we've learned a lot about various attacks against SSL/TLS since it was written and it surely has not been patched to resolve them. It also does not currently support TLS.

However... assuming the code could be/has been re-licensed by whoever owns it today, would it make sense to use SSLRef as a starting point for an OpenSSL replacement? I mean, wouldn't that be better than starting over with a new implementation?

1 comment

tptacek about 11 years ago

From the FAQ:

How does NSS compare to SSLRef?

"SSLRef was an early reference implementation of the SSL protocol. It contains bugs that were never fixed, doesn't support TLS or the new 56-bit export cipher suites, and does not contain the fix to the Bleichenbacher attack on PKCS#1."

"Netscape no longer maintains SSLRef or makes it available. It was built as an example of an SSL implementation, not for creating production applications."

"NSS was designed from the ground up for use by commercial developers. It provides a complete software development kit that uses the same architecture used to support security features in many client and server products from Netscape and other companies."