as someone who is using HAproxy a lot and talks to others who also do: most people either get substantially more hardware or switch to aws-lc, which is not too hard. Sometimes depends on who pays the server bill. ;) More servers create additional problems though. Would love to see wolfssl stable and with high performance! ❤ We will benchmark when ready. :)
I think if OpenSSL devs ever faced with a set of alt implementation choices, with say one better for security and code clarity (can overlap, imo) on one hand, versus say perf on the other, they should pick bias to former.
since ssh/sshd is one of the biggest security SPOFs in modern computing. a massive pinata for black hats
dercraig
in reply to daniel:// stenberg:// • • •Howard Chu @ Symas
in reply to daniel:// stenberg:// • • •daniel:// stenberg://
in reply to Howard Chu @ Symas • • •Howard Chu @ Symas
in reply to daniel:// stenberg:// • • •It's ok to deprioritize performance in favor of correctness. Unfortunately they don't seem to care much about correctness either.
We've been working with WolfSSL lately. I think we'll be promoting it more now.
synlogic
in reply to daniel:// stenberg:// • • •I think if OpenSSL devs ever faced with a set of alt implementation choices, with say one better for security and code clarity (can overlap, imo) on one hand, versus say perf on the other, they should pick bias to former.
since ssh/sshd is one of the biggest security SPOFs in modern computing. a massive pinata for black hats
so I *hope* thats why their perf is non-ideal