I don't quite follow the LibreSSL. OpenSSL now has two full-time developers through funding from Linux Foundation, and Open Crypto Audit Project has funding for doing a audit of the code: http://www.linuxfoundation.org/news-med ... ew-backers
. While LibreSSL made sense before the Linux Foundation could get the funding arranged, what sense does it make now? There are no full-time developers working on LibreSSL I think, nor is the code being audited by anybody but the developers. Why don't the LibreSSL developers join effort on OpenSSL? They have a clean roadmap: https://www.openssl.org/about/roadmap.html
. It seems to be tackling the same stuff...
I'll be sticking with OpenSSL till it's clear what exactly LibreSSL improves security wise and how it is a long-term viable solution that doesn't fall into disarray once the developers' interest wanes. Long-term OpenSSL seems to be in a healthier position, with long-term commitment and funding from the industry.