Welcome! Log In Create A New Profile

Advanced

Re: [PATCH 1 of 2] SSL: add support for AWS-LC

Previous Message Next Message
Forum List Message List New Topic Print View
Piotr Sikora via nginx-devel
March 21, 2024 03:04AM
Hi Roman,

> It looks like this library is not super popular, but the patch is relatively
> large.

Perhaps it's not as widely used as the forks that started ~10 years ago,
but it's basically a version of BoringSSL that's more suitable to use with
NGINX than BoringSSL itself:
- it ships releases and it's versioned,
- it supports OCSP stapling,
- it supports multiple TLS certificates,
- it supports big endian platforms supported by NGINX.

Also, the patch is pretty small.

> Also, compiling nginx with -DOPENSSL_IS_BORINGSSL should probably solve
> the issue.

For the time being, probably, but AWS folks are actively developing it,
so I'd expect it to led to issues sooner rather than later.

Best regards,
Piotr Sikora
_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
https://mailman.nginx.org/mailman/listinfo/nginx-devel
Reply Quote
RSS
Subject Author Views Posted

[PATCH 1 of 2] SSL: add support for AWS-LC

Piotr Sikora via nginx-devel 202 February 27, 2024 08:26PM

Re: [PATCH 1 of 2] SSL: add support for AWS-LC

Roman Arutyunyan 21 March 18, 2024 09:56AM

Re: [PATCH 1 of 2] SSL: add support for AWS-LC

Piotr Sikora via nginx-devel 25 March 21, 2024 03:04AM



Sorry, you do not have permission to post/reply in this forum.

Online Users

Guests: 206
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready