| ▲ | Macha 3 hours ago | |
Pre all the recent OpenSSL forks the only other options were: - use the platform sdks which have completely distinct APIs (and so probably aren't supported by everything between you and the TLS connection) - Use GnuTLS which is GPL and so wasn't suitable for a lot of commercial uses (less important in the age of SaaS to be fair) | ||
| ▲ | tialaramex 3 hours ago | parent [-] | |
Also, the platform SDKs invariably assume platform preferred semantics which might not be what you wanted if you write cross platform software. In particular this means you get another source of platform difference, no only does your Windows App work with different peripherals from the Mac App (because of OS drivers), but now some certificates which work with the Mac App don't work in Windows or vice versa. OpenSSL lets you bundle your CA policies with the app and thus avoid that issue (though now it's your choice what is or isn't accepted and you're probably not ready for that labour) | ||