Status and/or receptivity of replacing OpenSSL in various projects

[kevinburke1]

Hi,
Thanks for taking on this project, this is super valuable and I appreciate your efforts here. I saw this post this morning and got really excited about it: https://daniel.haxx.se/blog/2021/02/09/curl-supports-rustls/

I was starting to think about all of the other tools I use that use OpenSSL as the TLS backend by default (nginx, git, ruby, node come to mind) and how to go about porting those. It would be nice if there was a list of like, here are some popular projects that compile a C TLS library in by default, the maintainers are definitely open to this, the maintainers are not open to this at all. I figure instead of starting from scratch I could at least contact folks and ask about this.

Googling for "ruby custom TLS backend" did not really return any results. At the very least, a Github issue titled "Memory safe TLS backend for Ruby" might rank really highly and then you could explain the benefits and people interested in this issue would have a place they could coordinate with other folks interested in this issue.

[alex]

Changing a C dependency for a Rust one isn't something we considered when we created this bounty, and it's definitely a potentially interesting direction!

@reaperhulk do you have thoughts? I'm tentatively in favor of saying its included in our scope.