From mboxrd@z Thu Jan 1 00:00:00 1970 From: William Ahern To: 9fans@cse.psu.edu Subject: Re: [9fans] TLSServer? Message-ID: <20031110172128.GA14806@wilbur.25thandClement.com> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.4i Date: Mon, 10 Nov 2003 09:21:28 -0800 Topicbox-Message-UUID: 854c4262-eacc-11e9-9e20-41e7f4b1d025 On Mon, Nov 10, 2003 at 09:25:18AM -0500, Sam wrote: > I need to write a Unix application that uses TLS/SSL. I > looked at using OpenSSL, but lordy mama -- what an interface. > Since I only need to do the server side of the communication, > I thought perhaps the Plan 9 tls stuff could be used. It takes ~10 calls into OpenSSL in my TLS-able server to load trusted certs, load the keys, install the descriptor and use it in my IO routines. Much, much easier than I initially thought when I first dove into the horrible documentation. And some of the crypto primitives are written in assembly, which can make a big difference depending on your server's usage pattern. All-in-all, OpenSSL was much simpler than it looks from 10,000 feet.