> This crate provides bindings to AWS-LC-FIPS 2.x, which has completed FIPS validation testing by an accredited lab and has been submitted to NIST for certification.
If you are in a regulated environment, that’s reason enough.
Are there benches on this vs say OpenSSL on Graviton and Apple M chips? I would be curious how big the difference is vs whatever NEON optimizations are in OpenSSL (and friends) already.
One reason: you can use this as a backend to rustls, and then you no longer have anything under the OpenSSL license in your dependencies, which improves the license compatibility of your project.
Again, this is just a temporary situation, and a matter of burning down a list of small tasks. Not that the OpenSSL license issue is a big deal for most anyway. Feel free to help; see this issue filed by Josh Triplett: https://github.com/briansmith/ring/issues/1318#issuecomment-...
Yeah, I realize, and I am looking forward to having multiple options to choose from that all have the same license compatibility. It's nice that there's a short-term solution that's available for people who need to ship things soon, and it's nice that there's a longstanding library (ring) that'll long-term will be capable of providing a compatible solution as well.
> This crate provides bindings to AWS-LC-FIPS 2.x, which has completed FIPS validation testing by an accredited lab and has been submitted to NIST for certification.
If you are in a regulated environment, that’s reason enough.