Connection issues with Android Marshmallow

Mathieu Simon (Lists) matsimon.lists at simweb.ch
Fri Oct 16 17:15:28 CEST 2015


Hi

Am 16.10.2015 um 16:31 schrieb Alan DeKok:
> On Oct 16, 2015, at 10:29 AM, A.L.M.Buxey at lboro.ac.uk wrote:
>>
>>>  We use them because everything else is worse. :(
>>
>> LibreSSL ? :-)
> 
>   It's API compatible with OpenSSL, and it doesn't add new / better APIs.

Concerning a new / better API in LibreSSL: The OpenBSD folks have the
same / similar concerns bout the OpenSSL API. True, they have libssl for
backwards-compatibility but have added a new libtls library trying to
address these concerns.

Their goal is to provide more simple API where an application can ask
for a secure channel and libtls will do the reset - no need for the
application to know and handle the gory details about TLS version etc. -
that's their actual motivation. OpenBSD has started using libtls in
tools of their base system for what I know and LibreSSL has become
portable for quite some time.

Information about libtls can be found on the libressl.org project page
and there's been a fairly recent talk from Bob Beck in September. The
slides can be found on openbsd.org/papers

-- Mathieu


More information about the Freeradius-Users mailing list