HAProxy

[Raytonne]

This is related to Issue #261

We tried to build HAProxy with BoringSSL and it worked. By doing this we also bring QUIC to HAProxy. Are there any people who are interested in this now? If so we'll create a PR.

[dstebila]

Thanks @Raytonne! I think we'd be interested. I know that @ajbozarth has also been working up HAProxy updates.

[Raytonne]

Sure. @ajbozarth do you want to submit a OpenSSL build tutorial or do you want us to submit a Boringssl Dockerfile?

[ajbozarth]

@johnma14 and I were planning on taking our tutorial blog posts on openssl/curl and haproxy and using them to create a Dockerfile to submit here. I was planning on working on it in the next couple weeks (just freed up some bandwidth).

IIUC, based on your linked discussion, it may be worth having both a BoringSSL and OpenSSL based HAProxy demos. Feel free to create a PR with what you have and we can discuss how/if our plans will step on each others toes

[pi-314159]

Since HAProxy no longer supports BoringSSL, it's not advisable to use BoringSSL to enable HAProxy's support for quantum-safe algorithms.

@baentsch HAProxy supports quantum-safe algorithms through oqs-provider: HAProxy -- OQS-Provider

[baentsch]

Thanks for the pointer @pi-314159 ! Very nice--one less integration to handle in oqs-demos!! So we essentially can close this issue then!?

[pi-314159]

@baentsch Yes! I'll update the README and add a link to HAProxy's instruction

[baentsch]

Great, @pi-314159 -- Looking forward to that. Please consider updating both README (for integrators) and USAGE (for more simple consumers to know how to simply "run stuff") files with suitable pointers to the upstream if possible.

@ajbozarth consider my wish (as stated a few months and again a few weeks ago when you proposed to demo a demo) for an HAProxy demo update moot then. Please also forward to your colleagues as suitable (Mariam... ? Don't know the right handle)