Rustls

From EverybodyWiki Bios & Wiki

Original author(s): Joe Birr-Pixton
Developer(s): Joe Birr-Pixton, Dirkjan Ochtman, Daniel McCarney, Josh Aas[1]
Initial release: 2016
Written in: Rust
Operating system: Cross-platform
Type: Security library
License: Apache 2.0, MIT, ISC
Website: github.com/rustls/rustls

    Rustls (pronounced "russels"[2]) is an open-source implementation of the Transport Layer Security (TLS) protocol written in the Rust programming language. It focuses on providing a TLS implementation that has good performance and security, taking advantage of Rust's built-in memory safety.

    Team and funding

    Joe Birr-Pixton started Rustls in 2016 and remains the lead developer as of 2024.[1]

    The project has been sponsored since 2021 by the Internet Security Research Group (ISRG), a nonprofit organization based in the United States.[2][3] ISRG's goal is to enable Rustls to be a viable alternative to OpenSSL, because OpenSSL can be difficult to use correctly and has had security vulnerabilities related to being written in a programming language that is not memory safe.[2][4]

    ISRG has paid several people to work on improvements to Rustls using money contributed by Google and other sources, including software developer Dirkjan Ochtman.[2] The Open Source Security Foundation Alpha-Omega project gave $530,000 in 2023 for Rustls projects including development of the option to use different cryptographic backends.[5]

    Sovereign Tech Fund, which is supported by the German government, contributed $1.5 million to ISRG in 2023 for Rustls and two other projects that aim to provide memory-safe versions of open source tools that are important to internet security.[6][7]

    Additional funding for Rustls has come from Fly.io and Amazon Web Services (AWS).[8]

    Architecture and features

    Rustls was originally built using the ring cryptographic library and the webpki library for verification of public key infrastructure certificates.[9] It uses Amazon Web Services Libcrypto for Rust (aws-lc-rs) for cryptography (providing the underlying cryptographic primitives), and provides the option to use other cryptographic backends, such as ring.[10] It provides an option for FIPS support via AWS Libcrypto for Rust.[10]

    Rustls has an OpenSSL compatibility layer, initially designed to enable using Rustls with Nginx.[8]

    Server Name Indication

    Rustls is popular in the Rust ecosystem (default TLS library). It also provides an API that allows it to be used from the C programming language (rustls-ffi).[9][4]

    Rustls is licensed under the Apache License 2.0, the MIT License, and the ISC license.

    Performance

    Benchmarks carried out in 2019 by a developer of the library showed better performance than OpenSSL at that time.[11]

    2024 benchmarking project.[12]

    Uses

    Let's Encrypt

    In 2020 an ISRG software engineer worked on enabling the use of Rustls as a TLS backend for cURL.[13][14]

    In 2020 Linkerd, which "adds security, observability, and reliability to any Kubernetes cluster" and is part of the Cloud Native Computing Foundation, included a proxy built with networking libraries including Rustls.[15]

    In 2021 Google funded the creation of mod_tls, a new TLS module for Apache HTTP Server using Rustls.[16][17] The new module is intended to be a successor to the older mod_ssl module that is written in C, as a more secure default.[16]

    Tokio

    Wolfi, a tool for making memory-safe Linux containers, uses Rustls.[18][19] Software supply chain[20]

    References

    1. "Rustls README". GitHub. 2024-07-30. Retrieved 2024-08-20.
    2. Melanson, Mike (2021-04-23). "Rustls Looks to Provide a Memory-Safe Replacement for OpenSSL". The New Stack. Insight Partners. Retrieved 2024-08-20.
    3. Aas, Josh (2021-04-20). "Preparing Rustls for Wider Adoption". Prossimo. Internet Security Research Group. Retrieved 2024-08-20.
    4. Vaughan-Nichols, Steven J. (2021-11-02). "Prossimo: Making the Internet Memory Safe". The New Stack. Insight Partners. Retrieved 2024-08-20.
    5. Gran, Sarah (2023-09-18). "Advancing Rustls and Rust for Linux with OpenSSF Support – Open Source Security Foundation". Open Source Security Foundation (OpenSSF). Linux Foundation. Retrieved 2024-08-20.
    6. Gran, Sarah (2023-07-11). "$1.5M from Sovereign Tech Fund to Fuel Memory Safety". Internet Security Research Group. Retrieved 2024-08-20.
    7. Tarakiyee, Tara (2024-05-22). "On Rust, Memory Safety, and Open Source Infrastructure". Sovereign Tech Fund. Retrieved 2024-08-20.
    8. Aas, Josh (2024-05-08). "Rustls Gains OpenSSL and Nginx Compatibility". Prossimo. Internet Security Research Group. Retrieved 2024-08-20.
    9. Edge, Jake (2021-05-04). "Rustls: memory safety for TLS". LWN.net. Retrieved 2024-08-20.
    10. Aas, Josh (2024-02-29). "Rustls Now Using AWS Libcrypto for Rust, Gains FIPS Support". Prossimo. Internet Security Research Group. Retrieved 2024-08-20.
    11. Cimpanu, Catalin (2019-07-19). "A Rust-based TLS library outperformed OpenSSL in almost every category". ZDNET. Retrieved 2024-08-20.
    12. Ochagavía, Adolfo (2024-01-04). "Securing the Web: Rustls on track to outperform OpenSSL". Prossimo. Internet Security Research Group. Retrieved 2024-08-20.
    13. Aas, Josh (2020-10-09). "Memory Safe 'curl' for a More Secure Internet". Internet Security Research Group. Retrieved 2024-08-20.
    14. De Simone, Sergio (2020-10-25). "Rust Hyper HTTP Library Will Contribute to Make Curl Safer". InfoQ. Retrieved 2024-08-20.
    15. Weisman, Eliza (2020-07-23). "Under the hood of Linkerd's state-of-the-art Rust proxy, Linkerd2-proxy". Linkerd. Cloud Native Computing Foundation. Retrieved 2024-08-20.
    16. Cimpanu, Catalin (2021-02-02). "Google funds project to secure Apache web server with new Rust component". ZDNET. Retrieved 2024-08-20.
    17. Eissing, Stefan (2022-03-01). "Bringing Memory Safe TLS to Apache httpd". Prossimo. Internet Security Research Group. Retrieved 2024-08-20.
    18. Lewkowicz, Jakub (2023-09-29). "SD Times Open-Source Project of the Week: Wolfi". SD Times. Retrieved 2024-08-20.
    19. Claburn, Thomas (2023-01-26). "Memory safety is the new black, fashionable and fit for any occasion: Calls to avoid C/C++ and embrace Rust grow louder". The Register. Retrieved 2024-08-20.
    20. Lorenc, Dan; Conill, Ariadne (2023-01-24). "Building the first memory safe distro". Chainguard. Retrieved 2024-08-20.


    This article "Rustls" is from Wikipedia. The list of its authors can be seen in its historical and/or the page Edithistory:Rustls. Articles copied from Draft Namespace on Wikipedia could be seen on the Draft Namespace of Wikipedia and not main one.