Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 3DF1071F for ; Wed, 29 Jul 2015 13:41:08 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.7.6 Received: from mail-io0-f169.google.com (mail-io0-f169.google.com [209.85.223.169]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id B5F091B3 for ; Wed, 29 Jul 2015 13:41:07 +0000 (UTC) Received: by iodd187 with SMTP id d187so21516914iod.2 for ; Wed, 29 Jul 2015 06:41:07 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=vinumeris.com; s=google; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=Doa9uwOhD7XpSz+v5i/m3LTk+7KMHOYup3m1NV5Ix8o=; b=LTAu6k/5bcnE3gbSof3CKz3NllQA2jLK2YVYeu4exEgIsRftrQdtvWFHJvqN7j7HMY D1eO87qV8cokIYqAZf5jycOEINCSXmAV2sA7M0BCur9rwnVEWNBQ7e48VIPKqFwnh4Ne QzDGv5monZ+vMALwM4WARTSUHB9c9V1B704QE= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=Doa9uwOhD7XpSz+v5i/m3LTk+7KMHOYup3m1NV5Ix8o=; b=bE/65BkuT1dmTB9qSbgDfWRK9Xh101Yt0+XAKPoYJij/LbeBWl9rUhYobzakHh+BqC zvgjKVBhTa35JR/3LiJJL2yK+9MeMcLO90iPkPxxjJpYp6RrTFLAVqKRTPBdUQ47WIwH w8KU+4S6O3YxV9cpXdpYPexMozBdWyaLbc8npgR/myw7XAErD6eEShFVGNrFBi6oB0sY eAcQR5XB96HYuC1dQEUXNgZBI26QunCW+4PKRBI9U2AbsDppbze36I0HewerIcslXIkW wtC2Mr1W1BJVEF/Bw14wGIVpQKqMJoPQ42zsk2JpCERTllWnizYeHE++Z0NReQ/ZOn0z TcGA== X-Gm-Message-State: ALoCoQndyXAC0Cu55rGyBgoEMMGwWmCA1Bc4VxGGbZ+IU5k+2RyQZptUDDHcg+59w95mjxDKBT9x MIME-Version: 1.0 X-Received: by 10.107.135.193 with SMTP id r62mr1631389ioi.29.1438177267196; Wed, 29 Jul 2015 06:41:07 -0700 (PDT) Received: by 10.50.108.111 with HTTP; Wed, 29 Jul 2015 06:41:07 -0700 (PDT) In-Reply-To: <55B79146.70309@gmail.com> References: <55B78F56.3080802@gmail.com> <55B79146.70309@gmail.com> Date: Wed, 29 Jul 2015 15:41:07 +0200 Message-ID: From: Mike Hearn To: Pieter Wuille Content-Type: multipart/alternative; boundary=001a113eceb222be1e051c03bd89 X-Spam-Status: No, score=-2.7 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HTML_MESSAGE,RCVD_IN_DNSWL_LOW autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org Cc: Bitcoin Dev Subject: Re: [bitcoin-dev] Disclosure: consensus bug indirectly solved by BIP66 X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Development Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 29 Jul 2015 13:41:08 -0000 --001a113eceb222be1e051c03bd89 Content-Type: text/plain; charset=UTF-8 > > This solved the vulnerability, and opens the door to using non-OpenSSL > signature verification in the near future. Great work! It also means the remaining usages of OpenSSL can be safely replaced with something like LibreSSL or (perhaps better) BoringSSL. --001a113eceb222be1e051c03bd89 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
This solved the=C2=A0vulnerability, and opens th= e door to using non-OpenSSL signature=C2=A0verification in the near future.=

Great work!=C2=A0

It also means the remaining usages of OpenSSL can be safely replaced with = something like LibreSSL or (perhaps better) BoringSSL.
--001a113eceb222be1e051c03bd89--