by dom0 3535 days ago
Another facet is that full compatibility with OpenSSL is required on the internet.

Ten years ago plenty of projects were using alternative SSL implementations (e.g. Peter Gutmann's cryptlib), many of which had slight interop problems with OpenSSL (which one to blame is impossible to say). In turn many projects switched away from these libraries - they had to, interop issues making software unreliable are vexing for every user - and moved to OpenSSL.

OpenSSL will also often be the first implementation that has a new TLS feature; it's the internet's demo implementation. New optimizations in algorithms tend to land first in OpenSSL as well, etc.

Today there are like ~four or five relevant TLS implementations, and only one is in widespread use on servers.


Windows' crypt32 also matters, and has a much cleaner API compared to OpenSSL, with backwards compat.