Oh, I remember my Solaris fanboys praising Kernel-Level TLS as it reduced context switching by a lot. I believe they even had a patched openssl making this transparent to openssl based applications.

Linux seems to offer such facilities, too. I never use it to my knowledge, though (might be that some app used it in background?) https://lwn.net/Articles/892216/

Why stop there? Why not sign and verify off the mother of all root CA’s, your TPM 2.0 Module EEPROM?

(fun to walk down through the trees and the silicon desert of despair, to the land of the ROM, where things can never change)