[Flocular]

For cryptography it uses the ring-library which still relies on C-Code in many places. Additionally there is no API-stability (still v0.*) and the last official audit was 3 years ago.

The project has potential but isn't quite ready for prime time yet.

[oconnor663]

Importantly, that C code (and assembly) is in the guts of crypto primitives. Those tend to be a lot easier to test than higher level X.509 parsing code, which I think is all done in safe Rust.

But for sure, taking a dependency on RusTLS from C code isn't a "boring" choice, and I wouldn't pretend to be confident that that would all go smoothly for a big project.