Looking over libtls it struck me that this is the best-designed TLS API I've ever seen, so it was a bit disheartening to look at the code and find that it was mainly just wrapping libssl and abstracting away its fragile, haphazard design choices. Though even just this is obviously already an unconditional good, are there plans for enough of libssl to be split off, cleaned up, and rolled directly into libtls so that the libtls -> libssl dependency can be broken for good?
- libtls future Daniel
- Re: libtls future Joel Sing
- Re: libtls future Theo de Raadt