[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: https://polarssl.org/

Incidentally, PolarSSL is a fork of the (now unmaintained) BSD/GPL dual-licensed XySSL. Not that I'm actually recommending it; the thought of an unmaintained SSL library fills me with dread.


On Wed, May 1, 2013 at 9:25 PM, Anil Madhavapeddy <anil@xxxxxxxxxx> wrote:
On 1 May 2013, at 20:09, Dave Scott <Dave.Scott@xxxxxxxxxxxxx> wrote:
> We've talked a bit about SSL offload before (particularly to hardware). We could link one of these libs with minios and make a C SSL proxy using libvchan. Or we could a concept of a "process" to mirage -- perhaps one static process per vCPU -- and use inter process communication to communicate with the ocaml code.

I'd really like to keep the SSL bindings outside of the main OCaml process, so this is a good place to start doing so.  Also, it's a natural tie-in to the actor library, as those communication channels are intended to either be vchan (xenserver) or internal tcp (EC2, where we cant vchan).




Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.