Kevin,

BoringSSL is already for the most part supported (in code, if not
officially) if I am not mistaken

On Thu, 11 Feb 2021 at 12:02, Kevin Burke <kevin@meter.com> wrote:

> Hi,
> There has been a recent push by some members of the security community to
> try to make more critical code run in memory safe languages, because of the
> high prevalence of security issues related to memory safety, for example,
> use-after-free, double-free or heap buffer vulnerabilities.
>
> In that light, I was wondering if you'd be open to adding a second TLS
> implementation that could be used in place of OpenSSL. Ideally, the target
> would be a TLS implementation in a memory safe language, for example,
> rustls, available at https://github.com/ctz/rustls. Curl just merged a
> patch to support the rustls backend.
>
> This would require a lot of changes to make the TLS implementation
> portable so before investigating it I figured I would see if you're open to
> it at all.
>
> Kevin
> _______________________________________________
> nginx-devel mailing list
> nginx-devel@nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx-devel
_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel