Rustls is a Rust language library project that aims to serve as a replacement for OpenSSL, starting with version 0.23.0. The key feature is its support for FIPS mode, which is essential for connecting to the central government systems of the United States and many other organizations often require this mode as well.
Previously, Rustls supported several underlying encryption libraries, including Rust Crypto, Mbed TLS, and Boring SSL, and is preparing to include Microsoft’s SymCrypt in the future. One significant advantage of switching to aws-lc-rs as the base library is that the overall performance of Rustls will surpass that of OpenSSL and also consume approximately five times less memory.
Originally, Rustls could be used as a substitute for OpenSSL in Apache HTTP Server and Curl. The next goal is to create a compatibility layer to enable Rustls to replace OpenSSL in most cases.
Currently, the Rustls project is under the management of ISRG, the organization behind Let’s Encrypt. This project is supported by AWS, the Sovereign Tech Fund, Google, Fly.io, and the OpenSSF.
Source: MemorySafety.org
TLDR: Rustls is a Rust-based library project aiming to replace OpenSSL, supporting FIPS mode and boasting better performance and lower memory usage. Under the management of ISRG, it has garnered support from major tech companies.
Leave a Comment