[aalpbalkan]

TLS implementation in Go. http://golang.org/pkg/crypto/tls/

Go is probably better at this.

[somethingnew]

According to Adam Langley, a Go contributor, it can still be side-channeled. https://twitter.com/agl__/status/453370970552532992

[tptacek]

s/Go contributor/primary author of the Golang TLS package/g

(Also, he's one of Google's point people on TLS.)

JFWIW.

[wyager]

>Go is probably better at this.

Why? Go doesn't really offer a whole lot in terms of security, except for better managed memory. I'm not even sure you could reliably eliminate side channel attacks in Go.

[johntyree]

>Go doesn't really offer a whole lot in terms of security, except for better managed memory.

What makes it better? Haskell's GC is very advanced.

[wyager]

>What makes it better?

Better than C, that is. Haskell is on a whole 'nother level of "what are memory bugs?"

[dllthomas]

Of course you can have memory bugs in Haskell, but it's obvious that you're doing special memory stuff.

http://hackage.haskell.org/package/base-4.7.0.0/docs/Foreign...

[dscrd]

Unfortunately this library can only be used in Go, right?

[justincormack]

You could terminate connections with it and have a local socket to another process. As we have seen putting ssl in another process is helpful for memory isolation...