On Tue, Jul 08, 2003 at 04:32:41PM -0400, Thor Lancelot Simon wrote: > I trimmed OpenSSL down to just TLSv1 and only the FIPS-140 conformant > algorithms for a FIPS-140 conformance project at ReefEdge (and yes,
[..] > The result was still several hundred kilobytes -- actually, I don't > have exact numbers handy but I believe it was more than a megabyte > in size. OpenSSL is not the TLS implementation I would use if I had > any other free option that offered reasonable performance. :-( For comparison purposes, I have a copy of an SSLv3/TLS client library I wrote in 1997. It's 56k of (Intel Linux) code for everything except RSA. That includes the ASN.1 and X.509 parser. Implementing the server-specific parts would add only another couple k. This was done for a handheld computer but runs on unix as well. OpenSSL is huge because it's also a general purpose crypto lib, supports a bunch of hardware and a bunch of algorithms, SSLv2 (ew), old apis, non-blocking, etc etc. Eric --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]