New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Rename OpenSSL to OpenTLS To Comply with RFC7568 #6384

Closed
jandrusk opened this Issue May 31, 2018 · 13 comments

Comments

Projects
None yet
8 participants
@jandrusk
Copy link

jandrusk commented May 31, 2018

It's 2018 and 'SSL' is now a deprecated term given RFC7568 along with the POODLE and BEAST vulnerabilities that explicitly require the disabling of the SSL protocols. I move to have OpenSSL re-branded to OpenTLS to comply with RFC7568 and to eliminate confusion.

@richsalz

This comment has been minimized.

Copy link
Contributor

richsalz commented May 31, 2018

The OpenSSL "brand" is very recognized. We're not going to do this.

@richsalz richsalz closed this May 31, 2018

@richsalz

This comment has been minimized.

Copy link
Contributor

richsalz commented May 31, 2018

Another team member pointed out that I might be too harsh. Perhaps better is "we have no plans to do this at this time."

@jandrusk

This comment has been minimized.

Copy link

jandrusk commented May 31, 2018

The name doesn't reflect reality.

@richsalz

This comment has been minimized.

Copy link
Contributor

richsalz commented May 31, 2018

But it does have mindshare and reflect history. :)

@mattcaswell

This comment has been minimized.

Copy link
Member

mattcaswell commented May 31, 2018

I move to have OpenSSL re-branded to OpenTLS to comply with RFC7568 and to eliminate confusion.

I don't expect that changing the name will eliminate much confusion compared the amount it will cause.

@mspncp

This comment has been minimized.

Copy link
Contributor

mspncp commented Oct 5, 2018

I move to have OpenSSL re-branded to OpenTLS to comply with RFC7568 and to eliminate confusion.

FWIW: Today I stumbled over a very interesting historical fact about the rebranding of OpenSSL: Initially, when it emerged from SSLeay, it was called OpenTLS and only later on renamed to OpenSSL:

commit f1c236f849d9799a5de0ad1f6c64b33291f60c84
Author: Ralf S. Engelschall <rse@openssl.org>
Date:   Wed Dec 23 07:38:54 1998 +0000

    Switch to OpenSSL name

(see f1c236f)

commit c537fb08cd93c3c564478e6a238e502a7d17e216
Author: Ralf S. Engelschall <rse@openssl.org>
Date:   Tue Dec 22 16:01:06 1998 +0000

    OpenTLS ready

(see c537fb0)

commit 651d0aff98d28e2db146afa1790e9e22f3ef22db
Author: Ralf S. Engelschall <rse@openssl.org>
Date:   Tue Dec 22 15:04:48 1998 +0000

    Various cleanups and fixed by Marc and Ralf to start the OpenTLS project

(see 651d0af)

@mspncp

This comment has been minimized.

Copy link
Contributor

mspncp commented Oct 5, 2018

Ok, looking a bit closer at the dates: it was called OpenTLS for less than a day ;-)

@iamamoose

This comment has been minimized.

Copy link
Contributor

iamamoose commented Dec 17, 2018

Yes, the original planned name was going to be OpenTLS and it was changed to OpenSSL at the very last minute. It was fortunate we'd registered both domain names! I'll be writing a blog about this :)

@mspncp

This comment has been minimized.

Copy link
Contributor

mspncp commented Dec 17, 2018

I'll be writing a blog about this :)

Looking forward to read it :-)

@InfoHunter

This comment has been minimized.

Copy link
Member

InfoHunter commented Dec 17, 2018

I'll be writing a blog about this :)

As a part of the 20th anniversary? ;-)

@levitte

This comment has been minimized.

Copy link
Member

levitte commented Dec 17, 2018

I just read through RFC 7568, and must say I find a certain appeal in it. It's about more than just rebranding; it's about avoid all uses of SSLv3 if possible, so for example not having it as a fallback from TLS (I haven't looked if we do that kind of fallback today or not).

Renaming is just polish on the surface... (or virtue signalling, if you wish). If you ask me, modifying the code to comply with this RFC needs to happen first.

@iamamoose

This comment has been minimized.

Copy link
Contributor

iamamoose commented Dec 20, 2018

@StephenWall

This comment has been minimized.

Copy link

StephenWall commented Dec 20, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment