|
|
|
|
|
|
by higherpurpose
4440 days ago
|
|
|
This might help: > I reviewed several SSL implementations for coding style: OpenSSL, NSS, GnuTLS, JSSE, Botan, MatrixSSL and PolarSSL. I looked at how buffers are handled in parsers and writers. Of all of them, I think only JSSE, i.e. pure Java, can be trusted to be free of buffer overflows. It suggests that a good webserver for security-critical applications would be Tomcat, without native extensions. http://tstarling.com/blog/2014/04/ssl-implementations-compar... |
|
|