Adding a second TLS implementation
mat999 at gmail.com
Thu Feb 11 02:28:29 UTC 2021
BoringSSL is already for the most part supported (in code, if not
officially) if I am not mistaken
On Thu, 11 Feb 2021 at 12:02, Kevin Burke <kevin at meter.com> wrote:
> There has been a recent push by some members of the security community to
> try to make more critical code run in memory safe languages, because of the
> high prevalence of security issues related to memory safety, for example,
> use-after-free, double-free or heap buffer vulnerabilities.
> In that light, I was wondering if you'd be open to adding a second TLS
> implementation that could be used in place of OpenSSL. Ideally, the target
> would be a TLS implementation in a memory safe language, for example,
> rustls, available at https://github.com/ctz/rustls. Curl just merged a
> patch to support the rustls backend.
> This would require a lot of changes to make the TLS implementation
> portable so before investigating it I figured I would see if you're open to
> it at all.
> nginx-devel mailing list
> nginx-devel at nginx.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the nginx-devel