💾 Archived View for rawtext.club › ~sloum › geminilist › 007376.gmi captured on 2021-12-05 at 23:47:19. Gemini links have been rewritten to link to archived content

-=-=-=-=-=-=-

WolfSSL

Omar Polo op at omarpolo.com

Sun Oct 24 08:12:13 BST 2021

- - - - - - - - - - - - - - - - - - -

Rohan Kumar <seirdy at seirdy.one> writes:

[[PGP Signed Part:Undecided]]

On Sat, Oct 23, 2021 at 06:33:02PM +0000, Jonathan McHugh wrote:

I noticed WolfSSL has TLS 1.3, its other features seem decent too

(1/20 size OpenSSL, ANSI C).

However, I couldnt find any links on Gemini or HTTP concerning any

implementations or tools using it.

Any ideas regarding it?

Would it be worth me developing clients and servers in it? I get the

idea that some of the other TLS approaches have a lot of cruft given

their scale and predisposition to non-Germini protocols and it would

interest me to embed from a bespoke Gemini only compilation.

Would such a project be a ballache?

I think WolfSSL and BearSSL are interesting projects as far as minimal

TLS implementations go, but I'd personally like to see more love for

stuff like libtls (simple spinoff of libressl with a much simpler

API), or Boringssl (extremely well-made TLS lib that also provides the

crypto primitives for libs like Rust's ring and RusTLS). Libtls would

be an especially good fit for Gemini software.

I couldn't agree more. Both gmid and telescope use libtls and it's beena joy to use. Clean and simple APIs along with a great documentation(as expected ;-)

libtls has also landed on debian unstable recently, while other distro(alpine, void, gentoo, ... even fedora) had that packaged for a while.

Outside of the C and C++ world, lots of programming langs also feature

pretty good TLSv1.3 libs in their standard libraries; Go has one of

the best.