Open flavio opened 10 months ago
@flavio @lukehinds ToB is willing to pick this up!
@jleightcap: awesome, who should assign this issue to?
Update: rustls is now supporting two different crypto backends: ring
and aws-lc-rs
. The latter one is a drop-in replacement of ring that provides FIPS support.
The tough
crate is also considering to perform the same change.
I still think we should drop the pure-rust libraries and support either ring
or aws-lc-rs
Description
A long time ago we moved away from the
ring
crate to a constellation of pure-rust cryptographic libraries. We did the switch because thering
library did not build for certain architectures (like s390x and webassembly).This limitation has been addressed by latest versions of the library. Moreover, we have recently reintroduced the
ring
dependency to implement TUF trustroots.Moving back to ring would reduce the list of dependencies we have, making the codebase easier to understand and to maintain.
I think these are the dependencies we should be able to remove: