[nickpsecurity]

Already done in Ocaml for projects willing to use something other than OpenSSL:

https://github.com/mirleft/ocaml-tls

It's performance was within 80% or so of regular TLS with Ocaml's safety and easier verification. Quite a few components were purely functional, too. I've seen SML embedded in LISP's and PreScheme compiled to efficient C or ASM. So, that means a static LISP could handle it piggybacking on C compilers. Ivory embeds a subset of C in Haskell to keep things easy to analyze and automatically safe. Parts of a SSL library could use it.

http://ivorylang.org/ivory-introduction.html

So, Haskell, LISP, and ML are already capable of replacing our SSL libraries if people choose. One is already done in Ocaml. COGENT, if people apply it to this, will take it further by having an easier-to-verify implementation in functional language with certified compilation to C or assembly.

[pjmlp]

There is also the F* version, which can be made to target C via their KreMlin compiler.

https://project-everest.github.io/

https://fstarlang.github.io/general/2016/09/30/introducing-k...

Presented at this year's ICFP conference.

https://www.youtube.com/watch?v=sP7PRHn9iEA

[nickpsecurity]

I reposted your link on Lobste.rs. I noted that COGENT already was doing verified functional with certified translation to C or assembly. Also that F star to C seems to be Microsoft and INRIA's route. So, at least two projects are making it much easier to verify algorithms or protocols in functional way with C code resulting.

The other thing I noted is that most code meant for verification is designed to be easy for humans or machines. The F star and C is one of few that is easy for both. I rarely see that.

[pjmlp]

On the talk that they did, the guy from F* team mentioned that their goal was to be able to validate that the C code is correct and they can match 1:1 the language constructs, to allow for proper verification of the generated code.

[acqq]

Thanks, but which of those can be simply taken as the library linked to C code and called from the C code, and so that it doesn't depend on GC? Because as long as that step doesn't exist, it can't be used as the possible substitution for the current libraries?

[nickpsecurity]

Ocaml is only one that uses GC IIRC. Others produce C.

[acqq]

Links please? Any actual library produced and linkable, even with just one algorithm? I can't find it behind that Ivory link? Thanks!

Edit: also thanks for explaining the nature of the solutions you mention ("custom jobs").

[nickpsecurity]

I dont have those. They're used for custom jobs by people who know the language. Im not in that category. ;)

[nickpsecurity]

Wait, I just remembered COGENT people did a case study by doing ext2 filesystem in COGENT. They have COGENT on Github. The filesystem source or binary might be in repo(s) of COGENT team allng with other examples. So, Google that.