Granted, this is arguing from authority, but if something's secure enough for Theo de Raadt, just how insecure can it be? He is not known for a relaxed attitude about this.