On Jun 23, 12:41pm, Greg A. Woods wrote:
} [ On Thursday, March 7, 2002 at 20:45:53 (-0800), John Nemeth wrote: ]
} >
} >      When you consider all the squawking that the OpenBSD crowd does
} > about why their code is so secure because they audit it amongst other
} > things, I want it to not have the bugs.  SSH is an extremely important
} > security related application.  It shouldn't have security holes.
} 
} Well it wasn't all their code to begin with, and I suspect a lot of it
} has still not really been properly rewritten.

     I realise that.  However, given the squawking they do about
auditing and the importance the code, it should have been completely
audited a long time ago.

} And there is a _lot_ of it (code that is, in OpenSSH + OpenSSL).  Almost
} all code has bugs, and the more code there is the more bugs there are,
} and the bigger and nastier they usually get.

     Not according to their marketing fodder.  I do realise the
validity of the above statement, but if they are going to make
contradictory marketing fodder, then why not hold them to it?

}-- End of excerpt from Greg A. Woods