The Broadband Guide
search advanced
 forgot password?

Google takes OpenSSL and turns it into BoringSSL

2014-06-23 09:53 by
Tags: , ,


Since the revelations surrounding the Heartbleed bug, which put hundreds of thousands of websites at risk earlier this year, a consortium from across the industry launched the Core Infrastructure Initiative to manage the code base of OpenSSL. In addition to an existing fork called LibreSSL being developed outside the initiative, Google is developing its own version of OpenSSL - the BoringSSL - to include patches from the other two code bases without replacing either one.

The project, isn't designed to replace OpenSSL, wrote Adam Langley, a Google software engineer, on his personal blog. Google will contribute its changes to the OpenSSL open-source project and use bug fixes from that team, he wrote.

"We have used a number of patches on top of OpenSSL for many years. Some of them have been accepted into the main OpenSSL repository, but many of them don't mesh with OpenSSL's guarantee of API and ABI stability and many of them are a little too experimental," Langley wrote in a blog post.

Having written more than 70 patches that are used across multiple platforms, the effort to maintain these for Android and Chrome has become too much.

"We are not aiming to replace OpenSSL as an open-source project. We will still be sending them bug fixes when we find them and we will be importing changes from upstream," Langley added.

Read more -here-


  Post your review/comments
News Glossary of Terms FAQs Polls Cool Links SpeedGuide Teams SG Premium Services SG Gear Store
Registry Tweaks Broadband Tools Downloads/Patches Broadband Hardware SG Ports Database Security Default Passwords User Stories
Broadband Routers Wireless Firewalls / VPNs Software Hardware User Reviews
Broadband Security Editorials General User Articles Quick Reference
Broadband Forums General Discussions
Advertising Awards Link to us Server Statistics Helping SG About