Post B30NJzJ3J3WI3HDBfU by djb@mastodon.cr.yp.to
 (DIR) More posts by djb@mastodon.cr.yp.to
 (DIR) Post #B30NJzJ3J3WI3HDBfU by djb@mastodon.cr.yp.to
       2026-02-05T07:52:34Z
       
       1 likes, 0 repeats
       
       One of the OpenSSL disasters announced last week (CVE-2025-15469) is really the fault of OpenSSL's detached-signature interface. With a signed-message/message-recovery interface, the bug would have had no effect on security, and would have been easier to catch. Interfaces matter.