Our great sponsors
-
aws-lc
AWS-LC is a general-purpose cryptographic library maintained by the AWS Cryptography team for AWS and their customers. It іs based on code from the Google BoringSSL project and the OpenSSL project.
I love LibreSSL and what they represent, but neither LibreSSL nor BoringSSL target all platforms or compatibility with OpenSSL, which can be a bit of a challenge ... and I don't think LibreSSL is likely to have FIPS certification.
At the AWS cryptography group, we've open-sourced our libcrypto - https://github.com/awslabs/aws-lc - which essentially tries to use the best from Google's BoringSSL, OpenSSL (from 1.1x , not 3.x) , our own code, and formal verification and does target a broad set of platforms and is our FIPS module.
We're at about 95% OpenSSL compatibility right now, it "just works" for a lot of applications, and I expect we'll get near-full compatibility this year as we switch more and more of our own systems to using it internally.
We don't promote it broadly, and it's not intended to compete with OpenSSL - but it's a may be an interesting option for some to consider.
-
A reminder that rustls exists, and leverages the Rust compiler to make sure no memory safety issues exist in your TLS implementation:
https://github.com/rustls/rustls
Some thoughts on lessons learned from other projects/vulnerabilities:
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-