Google takes OpenSSL and turns it into BoringSSL2014-06-23 09:53 by Daniela
Tags: OpenSSL, BoringSSL, Google
Since the revelations surrounding the Heartbleed bug, which put hundreds of thousands of websites at risk earlier this year, a consortium from across the industry launched the Core Infrastructure Initiative to manage the code base of OpenSSL. In addition to an existing fork called LibreSSL being developed outside the initiative, Google is developing its own version of OpenSSL - the BoringSSL - to include patches from the other two code bases without replacing either one.
The project, isn't designed to replace OpenSSL, wrote Adam Langley, a Google software engineer, on his personal blog. Google will contribute its changes to the OpenSSL open-source project and use bug fixes from that team, he wrote.
Having written more than 70 patches that are used across multiple platforms, the effort to maintain these for Android and Chrome has become too much.
Read more -here-