Ξ welcome to cryptostorm's member forums ~ you don't have to be a cryptostorm member to post here Ξ
Ξ any OpenVPN configs found on the forum are likely outdated. For the latest, visit here or GitHub Ξ
Ξ If you're looking for tutorials/guides, check out the new https://cryptostorm.is/#section6 Ξ

[ZDNet] Amazon introduces new open-source TLS implementation 's2n'

Industry news items concerning VPNs, darknets, crypto, surveillance and secure computing.
User avatar

Topic Author
parityboy
Site Admin
Posts: 1208
Joined: Wed Feb 05, 2014 3:47 am

[ZDNet] Amazon introduces new open-source TLS implementation 's2n'

Post by parityboy » Thu Jul 02, 2015 3:59 pm

This new library is meant to answer an inherent problem with the older open-source encryption programs: Their optional extensions make them very complex. Indeed, "OpenSSL, the de facto reference implementation, contains more than 500,000 lines of code with at least 70,000 of those involved in processing TLS. Naturally with each line of code there is a risk of error, but this large size also presents challenges for code audits, security reviews, performance, and efficiency."

Rather than try to cover all of SSL/TLS's full range of extensions, s2n, with its mere 6,000 lines of code, focuses only on encryption. This means that Amazon is not trying to replace OpenSSL. Schmidt wrote that "Amazon remains committed to supporting [OpenSSL] through our involvement in the Linux Foundation's Core Infrastructure Initiative."
Source