Slashdot Mirror

← Back to Stories (view on slashdot.org)

Amazon's New SSL/TLS Implementation In 6,000 Lines of Code

Posted by Soulskill on from the simplify-condense-and-shorten dept.

bmearns writes: Amazon has announced a new library called "s2n," an open source implementation of SSL/TLS, the cryptographic security protocols behind HTTPS, SSH, SFTP, secure SMTP, and many others. Weighing in at about 6k lines of code, it's just a little more than 1% the size of OpenSSL, which is really good news in terms of security auditing and testing. OpenSSL isn't going away, and Amazon has made clear that they will continue to support it. Notably, s2n does not provide all the additional cryptographic functions that OpenSSL provides in libcrypto, it only provides the SSL/TLS functions. Further more, it implements a relatively small subset of SSL/TLS features compared to OpenSSL.

2 of 107 comments (clear)

  1. Re:Too much code by halivar · · Score: 5, Funny

    Good news, everyone! We have a new code volunteer. Armchair code experts always know best.

  2. Re:Too much code by Anonymous Coward · · Score: 3, Funny

    One line of code, ten thousand characters long, use only internal default variables, would look like an artistic mural done in ascii art and the guy who wrote it would have no idea what it does.

    *sigh* I love perl. One of the world first write only languages.