Paul Kehrer and Alex Gaynor, maintainers of the Python cryptography module, have put out some strongly worded criticism of OpenSSL. It comes from a talk they gave at the OpenSSL conference in October 2025 (YouTube video). The post goes into a lot of detail about the problems with the OpenSSL code base and testing, which has led the cryptography team to reconsider using the library. "The mistakes we see in OpenSSL's development have become so significant that we believe substantial changes are required — either to OpenSSL, or to our reliance on it." They go further in the conclusion: First, we will no longer require OpenSSL implementations for new functionality. Where we deem it desirable, we will add new APIs that are only on LibreSSL/BoringSSL/AWS-LC. Concretely, we expect to add ML-KEM and ML-DSA APIs that are only available with LibreSSL/BoringSSL/AWS-LC, and not with OpenSSL. Second, we currently statically link a copy of OpenSSL in our wheels (binary artifacts). We are beginning t