Open main menu
Home
Random
Recent changes
Special pages
Community portal
Preferences
About Wikipedia
Disclaimers
Incubator escapee wiki
Search
User menu
Talk
Dark mode
Contributions
Create account
Log in
Editing
OpenSSL
(section)
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
== Forks == === {{Anchor|assl}}Agglomerated SSL === In 2009, after frustrations with the original OpenSSL API, Marco Peereboom, an OpenBSD developer at the time, forked the original API by creating Agglomerated SSL (assl),<ref>{{cite web |url= https://github.com/conformal/assl |title= Agglomerated SSL |website= [[GitHub]] |date= 2010-09-07 |access-date= 2024-12-09 |archive-date= December 9, 2024 |archive-url= https://web.archive.org/web/20241209174330/https://github.com/conformal/assl |url-status= live}}</ref> which reuses OpenSSL API under the hood, but provides a much simpler external interface.<ref>{{cite web |url= http://ports.su/security/assl |title= security/assl: assl-1.5.0p0v0 β hide awful SSL API in a sane interface |work= [[OpenBSD ports]] |date= 2014-05-22 |access-date= 2015-02-10 |archive-date= February 10, 2015 |archive-url= https://web.archive.org/web/20150210224924/http://ports.su/security/assl |url-status= live}}</ref> It has since been deprecated in light of the [[LibreSSL]] fork circa 2015. === LibreSSL === {{Main|LibreSSL}} In April 2014 in the wake of [[Heartbleed]], members of the [[OpenBSD]] project [[fork (software development)|fork]]ed OpenSSL starting with the 1.0.1g branch, to create a project named [[LibreSSL]].<ref name="fork">{{cite web |url=http://www.undeadly.org/cgi?action=article&sid=20140415093252&mode=expanded |title=OpenBSD has started a massive strip-down and cleanup of OpenSSL |date=2014-04-15 |work=OpenBSD journal |access-date=April 21, 2014 |archive-date=July 1, 2014 |archive-url=https://web.archive.org/web/20140701104920/http://undeadly.org/cgi?action=article&sid=20140415093252&mode=expanded |url-status=live}}</ref> In the first week of pruning the OpenSSL's [[codebase]], more than 90,000 lines of C code had been removed from the fork.<ref>{{cite web|title=OpenBSD forks, prunes, fixes OpenSSL|url=https://www.zdnet.com/article/openbsd-forks-prunes-fixes-openssl/|publisher=ZDNet|access-date=21 April 2014|date=21 April 2014|archive-date=April 21, 2014|archive-url=https://web.archive.org/web/20140421235922/http://www.zdnet.com/openbsd-forks-prunes-fixes-openssl-7000028613/|url-status=live}}</ref> === {{Anchor|BORINGSSL}}BoringSSL === In June 2014, [[Google]] announced its own fork of OpenSSL dubbed BoringSSL.<ref>{{cite web|url=https://boringssl.googlesource.com/boringssl/|title=BoringSSL|website=Git at Google|access-date=December 28, 2015|archive-date=February 17, 2018|archive-url=https://web.archive.org/web/20180217042214/https://boringssl.googlesource.com/boringssl/|url-status=live}}</ref> Google plans to co-operate with OpenSSL and LibreSSL developers.<ref>{{cite web |title=Google unveils independent 'fork' of OpenSSL called 'BoringSSL' |date=2014-06-21 |work=Ars Technica |url=https://arstechnica.com/security/2014/06/google-unveils-independent-fork-of-openssl-called-boringssl/ |access-date=June 14, 2017 |archive-date=June 23, 2014 |archive-url=https://web.archive.org/web/20140623192851/http://arstechnica.com/security/2014/06/google-unveils-independent-fork-of-openssl-called-boringssl/ |url-status=live}}</ref><ref>{{cite web|title=BoringSSL|date=2014-06-20|work=Adam Langley's Weblog|url=https://www.imperialviolet.org/2014/06/20/boringssl.html|access-date=September 22, 2015|archive-date=June 1, 2018|archive-url=https://web.archive.org/web/20180601042454/https://www.imperialviolet.org/2014/06/20/boringssl.html|url-status=live}}</ref><ref>{{cite web|url=https://nakedsecurity.sophos.com/2014/06/24/boringssl-wants-kill-the-excitement-that-led-to-heartbleed/|title=BoringSSL wants to kill the excitement that led to Heartbleed|date=24 June 2014|publisher=Sophos|access-date=October 24, 2016|archive-date=February 14, 2018|archive-url=https://web.archive.org/web/20180214073437/https://nakedsecurity.sophos.com/2014/06/24/boringssl-wants-kill-the-excitement-that-led-to-heartbleed/|url-status=dead}}</ref> Google has since developed a new library, Tink, based on BoringSSL.<ref>{{Cite web|url=https://medium.com/asecuritysite-when-bob-met-alice/goodbye-openssl-and-hello-to-google-tink-583163cfd76c|title=Goodbye OpenSSL, and Hello To Google Tink|first=Bill|last=Buchanan|date=2018-08-30|website=Medium|access-date=2019-04-04}}</ref> === {{Anchor|AWS-LC}}AWS-LC === In September 2020, it was released as a general-purpose cryptographic library maintained by the [[Amazon Web Services]] Cryptography team to be used in the AWS cloud computing platform. It Ρs based on code from the OpenSSL and BoringSSL projects.<ref>{{cite web |url= https://github.com/aws/aws-lc |title= AWS-LC is a general-purpose cryptographic library |website= [[GitHub]] |date= 2020-09-04 |access-date= 2024-12-08}}</ref> === {{Anchor|QuicTLS}}QuicTLS === It's a collaborative fork between [[Akamai]] and [[Microsoft]], based on OpenSSL 3.3 release, and with some features and fixes cherry-picked from the current OpenSSL repo.<ref>{{cite web |url= https://github.com/quictls/quictls |title= The official repository for the QuicTLS project |website= [[GitHub]] |date= 2025-05-07 |access-date= 2025-05-07}}</ref>
Edit summary
(Briefly describe your changes)
By publishing changes, you agree to the
Terms of Use
, and you irrevocably agree to release your contribution under the
CC BY-SA 4.0 License
and the
GFDL
. You agree that a hyperlink or URL is sufficient attribution under the Creative Commons license.
Cancel
Editing help
(opens in new window)