Andrew Findlay wrote:
Amazon have just announced a completely new implementation of TLS. By avoiding all the history and ignoring features that they don't need the code has been cut by a factor of 10 when compared with the equivalent part of OpenSSL. OpenSSL or some other crypto library is still needed, but this is surely worth a look for future use with LDAP:
http://blogs.aws.amazon.com/security/post/TxCKZM94ST1S6Y/Introducing-s2n-a-N... https://github.com/awslabs/s2n/blob/master/README.md
I've used PolarSSL in the past, for tighter memory constrained projects. They're so good at what they do that ARM bought them.
It's also a complete crypto library, not just the TLS protocol implementation.
Kinda wonder why Amazon wasted their time on this one. libcurl currently supports 11 different TLS implementations (and I wrote the modular framework for all of them). The world really didn't need another one.