Slashdot Mirror

← Back to Stories (view on slashdot.org)

GoAhead/DMF Web Server Gets Micro-SSL Support

Posted by timothy on from the smallness dept.

JimCricket writes "The world's most popular embedded web server has gained something embedded developers have long wished for: support for a small (~50kB) SSL library designed specifically for embedded use. See the press release. The GoAhead WebServer, SSL, and Device Management Framework (from Art & Logic) can now be built into a secure, small-footprint, embedded web application platform."

3 of 10 comments (clear)

  1. From the link by Dancin_Santa · · Score: 3, Interesting

    Love the quote:

    Mocana's software is optimized for embedded systems and NOT based on large, slow open source code.

    That and a buck fifty will get you a cup of coffee here at Slashdot.

    But I wonder about the usability of this kind of thing on larger platforms. The link also says that the SSL component is supported on Linux, VxWorks, Solaris, and Windows. It is also CPU-independent so it could theoretically run on any platform in existence given the right hooks into the OS.

    Why isn't anyone else able to come up with an SSL library that is that small? I can't believe that with all the work going into creating these libraries that someone else hasn't been able to build one that small too. Or is there something that we are not being told (like while the binary is only 50K, the runtime memory requirements are much larger)

    1. Re:From the link by Anonymous Coward · · Score: 3, Interesting

      Why isn't anyone else able to come up with an SSL library that is that small? I can't believe that with all the work going into creating these libraries that someone else hasn't been able to build one that small too. Or is there something that we are not being told


      The reason is that there's bugger-all demand for this sort of thing. Most use of SSL is in standard servers. Then you've got web-enabled devices, most of which just use straight HTTP with passwords because it's assumed they'll only ever be accessed over a LAN. Of the rest, many are running some standard OS/embedded OS like Linux or WinCE where you've already got SSL support. Then there's little things like cellphones and whatnot which have got vendor-specific SSL support (possibly as WTLS) already. What's left is web-enabled devices that need SSL, don't already have it provided by the vendor, and aren't running a standard OS. This is a pretty small market.
  2. No TLS, AES or session caching by Zubinix · · Score: 2, Interesting

    According to their info page here: http://www.mocana.com/ssl.html They implement SSLv3 with Triple-DES. What about TLS? How much would that add to their footprint? What about AES cipher and SSL session caching for the server? Seems to be a few pieces missing here.