Re: Amazon announced a TLS abstraction library called s2n
Date: Tue, 30 Jun 2015 23:03:10 +0200
On Tue, Jun 30, 2015 at 10:46:12 +0200, Marc Hörsken wrote:
> Hello everyone,
> just a quick heads up that Amazon announced a TLS abstraction library called s2n:
> http://blogs.aws.amazon.com/security/post/TxCKZM94ST1S6Y/Introducing-s2n-a-New-Open-Source-TLS-Implementation
> https://github.com/awslabs/s2n
> The TLS implementation is contained within s2n, but for the base crypto stuff it links to several crypto libraries, like OpenSSL, LibreSSL, BoringSSL, and the Apple Common Crypto framework.
> This reminds me a lot of our vtls efforts, even though those were at a slightly different level of abstraction. For example s2n also supports server-side TLS and has its own TLS implementation instead of using that of the underlying crypto library.
> Windows CryptoAPI or Windows Cryptography API: Next Generation (CNG) support is currently missing.
> Maybe curl or vtls can make use of those s2n efforts backed/supported by Amazon? I think that supporting s2n as an additional TLS backend could be a first step.
> What do you think?
s2n doesn't support certificate validation yet, so I'd say this is a bit