Re: Mandatory TLS == OpenSSL everywhere? !?!

On Thu, Nov 14, 2013 at 5:15 PM, Mike Belshe <> wrote:

> One of the things that the IETF does with all new standards is to build
> multiple, working implementations.  This was done as part of the TLS
> development as well as HTTP.
> Rob T could comment further, but I don't believe the windows TLS stack has
> much (any?) OpenSSL in it.

I am pretty certain it predates OpenSSL by a very long time. CryptoAPI
certainly predates Netscape.

Its not just the SSL library, it is the crypto library and the X.509 stack.
These are all mix and match. What has tended to happen is that crypto
libraries have been extended to add PKIX and S/MIME and TLS and DTLS have
been natural additions.


Received on Saturday, 16 November 2013 05:05:12 UTC