by israrkhan 3514 days ago
Seems like it is trying to replace PolarSSL (now called mbed TLS). It even derives the name from PolarSSL (Polar Bear). It is nice to have multiple options; however, it can make vulnerability management a nightmare. How many more SSL libraries do we need (OpenSSL, LibreSSL, S2N, GnuTLS), not to mention native SSL libraries (Secure Transport, SChannel)?
2 comments

We need a crypto library that is easy to use in other applications that want security.

This trainwreck of an API is the opposite of what we want: https://gnutls.org/reference/gnutls-gnutls.html

It would probably be faster to write your own TLS library than learn all of that.

OpenSSL doesn't fare much better. So far, libtls looks the most promising. But last I checked, it was still a bit too spartan and couldn't operate in non-blocking mode, which kills you if you want an event-driven server.

I, for one, am still waiting for the TLS library that's the spiritual equivalent of NaCl or libsodium; where the integration surface is narrowed to the essentials, and sensible and secure (internal) defaults predominate.
> It even derives the name from PolarSSL (Polar Bear)

I thought it was a play on 'bare' - e.g. only the basic features needed.

Probably a triple entendre, as the author is a frequent poster and high-rep user on Security StackExchange, where his profile pic has been a bear for years. The community even has a couple of in-jokes about it, because one of the other high-rep users also has a picture of a bear as his profile picture, and they are affectionately referred to as "big bear" and "little bear".