> Outside of the NSS team, who has more confidence in NSS than *ring* + > webpki + Rustls, BoringSSL, or OpenSSL? And, what is the reasoning?
I think the assumption here is that many people outside the current Rust community would have more confidence in NSS, BoringSSL, or OpenSSL than Ring + rusttls + webpki. I think the reason behind that is age, and that reason will not be true indefinitely. You've made good points elsewhere in this thread that the bindings may introduce some confidence problems of their own, and perhaps that invalides some of the assumption. I don't think Diane's proposal intended to imply we have more confidence in NSS over BoringSSL. The choice of NSS was due to other factors like BoringSSL having no stable API and being discouraged for wider use. jack. _______________________________________________ dev-servo mailing list dev-servo@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-servo
