Big Rust News:
Rustls has decided to move ring and aws-lc crypto providers into their own crates going forward

https://github.com/rustls/rustls/issues/2395

#rustlang #rust #rustls

Review whether we should ship first-party crypto providers · Issue #2395 · rustls/rustls

Currently rustls ships with two built-in crypto providers (enabled via a feature): aws-lc-rs, which is currently enabled by default; ring, which was the default in earlier releases. The ring maintain...


This week on #OpenSourceSecurity I chat with @djc and @ctz about #Rustls. A lot has happened with Rustls in the last few years (and there's a lot more to come). Writing a TLS implementation is incredibly complicated, even when you don't have to worry about memory safety.

https://opensourcesecurity.io/2025/2025-12-rustls-dirkjan-joe/

#TLS #Rustls #Rust #MemorySafety

Rustls with Dirkjan and Joe

Josh talks to Dirkjan and Joe about Rustls (pronounced rustles), a Rust-based TLS library. Dirkjan and Joe are developers on Rustls. We talk about the history that got us to this point. The many many challenges in writing a TLS library (Rust or not). We also chat about some of what’s to come. Rustls has an OpenSSL compatibility layer which makes it a really interesting project. This episode is also available as a podcast, search for “Open Source Security” on your favorite podcast player.

Open Source Security

In other news, very happy to see the most popular #Rust http client library is switching their default TLS implementation from OpenSSL to #rustls.

https://github.com/seanmonstar/reqwest/releases/tag/v0.13.0-rc.1

Release v0.13.0-rc.1 · seanmonstar/reqwest

👀 Discussion here if you give it a try, thanks! Main breaking changes: rustls is now default instead of native-tls; rustls provider defaults to aws-lc instead of ring (rustls-no-provider exists if you...


I finally tried to replace #openssl with #aws-lc on some of my services. Unfortunately, #nginx and #mosquitto lack support for it. Instead, I successfully switched #BIND to use aws-lc.

I later also noticed that the #rustls compatibility shim is in nixpkgs 25.05, but here BIND is missing some variables. And despite the wrapper being explicitly made for nginx, it also fails here with

/nix/store/mkvc0lnnpmi604rqsjdlv1pmhr638nbd-binutils-2.44/bin/ld: objs/src/stream/ngx_stream_ssl_module.o: in function `ngx_stream_ssl_servername': /build/nginx-1.28.0/src/stream/ngx_stream_ssl_module.c:606:(.text+0xd59): undefined reference to `SSL_SESSION_get0_hostname'

A shame. I wanted to change to more modern libraries.

Untested: #dovecot and #postfix (they lack a services.(dovecot2|postfix).package variable to easily change the used package). A PR for dovecot is already open to add support for it.

I'm thrilled to announce the first release of Quark, my new reverse proxy written in #Rust 🦀

Quark v0.1.0 is out and fully functional, built on top of the robust #Hyper and #Rustls libraries. It's designed to offer high performance and security for your web applications.

Quark is open source and available under the MIT license.

https://github.com/Goliworks/Quark

#rustlang #project #reverseproxy #opensource

GitHub - Goliworks/Quark: A fast reverse proxy written in Rust.


How does 0-RTT work in #iroh (and #QUIC, and a little bit of #TLS), a fun exploration: https://www.iroh.computer/blog/0rtt-api

What's even better is that @Frando already landed a PR in #rustls to improve the UX of this (https://github.com/rustls/rustls/pull/2476). Should also land in #Quinn and #iroh soon!

0-RTT

When to use and when not to use 0-RTT with iroh connections

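🌘 Rustls Server-Side Performance
➤ Improving network security and performance: the latest progress in Rustls
https://www.memorysafety.org/blog/rustls-server-perf/
This article examines the Rustls project's latest progress on server-side performance, focusing on improving TLS (Transport Layer Security) performance without sacrificing security. Through testing, the researchers found that Rustls performance scales almost linearly as the number of cores increases, and that server latency is two times lower than OpenSSL's. The article explains the stateful and stateless connection resumption mechanisms in detail, and describes how Rustls optimizes key rotation and reduces the number of tickets transmitted to improve performance and security.
+ It sounds like Rustls is a very promising TLS implementation, especially when it comes to memory safety. If it can replace OpenSSL, the online world will be safer.
+ This article clearly explains how Rustls outperforms OpenSSL, which makes it a very valuable reference for network security engineers.
#NetworkSecurity #Rustls #TLS #PerformanceOptimization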
Rustls Server-Side Performance

In past years, the Rustls project has been happy to receive substantial investments from the ISRG. One of our goals has been to improve performance without compromising on safety. We last posted about our performance improvements in October of 2024, and we're back to talk about another round of improvements. What is Rustls? Rustls is a memory safe TLS implementation with a focus on performance. It is production ready and used in a wide range of applications.

Prossimo
Rustls: where #nerds desperately try to make #TLS exciting again 🎉. Apparently, the Internet Security Research Group showered them with cash to make things faster, but they'll still take a year to tell us they're "back" with more #improvements. 🐢💸 Who knew #performance could be this riveting?
https://www.memorysafety.org/blog/rustls-server-perf/ #Rustls #InternetSecurity #HackerNews #ngated
#curl 8.13.0 is here — and it broke records!
- 300+ bugfixes
- 501 commits
- New features like --url from file, TLS 1.3 early data, base64 decoding, & more across wolfSSL, #rustls, #OpenSSL & #gnutls!
Watch the release stream: youtu.be/Jor0z31fyNw... @bagder.mastodon.social.ap.brid.gy