The State of OpenSSL for pyca/cryptography

by jake, from LWN.net (#72V1Z)
Paul Kehrer and Alex Gaynor, maintainers of the Python cryptography module, have put out some strongly worded criticism of OpenSSL. It comes from a talk they gave at the OpenSSL conference in October 2025 (YouTube video). The post goes into a lot of detail about the problems with the OpenSSL codebase and testing, which has led the cryptography team to reconsider using the library. "The mistakes we see in OpenSSL's development have become so significant that we believe substantial changes are required - either to OpenSSL, or to our reliance on it." They go further in the conclusion:
First, we will no longer require OpenSSL implementations for new functionality. Where we deem it desirable, we will add new APIs that are only on LibreSSL/BoringSSL/AWS-LC. Concretely, we expect to add ML-KEM and ML-DSA APIs that are only available with LibreSSL/BoringSSL/AWS-LC, and not with OpenSSL.

Second, we currently statically link a copy of OpenSSL in our wheels (binary artifacts). We are beginning the process of looking into what would be required to change our wheels to link against one of the OpenSSL forks.

If we are able to successfully switch to one of OpenSSL's forks for our binary wheels, we will begin considering the circumstances under which we would drop support for OpenSSL entirely.
