Next: IP Security (IPsec)
Up: Communications Security
Previous: Communications Security
In OpenBSD libssl provides a toolkit for the Secure Socket Layer
(SSL v2/v3) and Transport Layer Security (TLS v1) [6] which
provide strong cryptographic protection for network communication such
as server authentication and data encryption. The Secure Socket Layer
is currently used by web servers, e.g., Apache as shipped with
OpenBSD, and browsers like Netscape Communicator. In the future,
applications like telnet and ftp will be converted to use
TLS, possibly even during our network installation process.
Due to patent restrictions, libssl in the OpenBSD distribution
supports only digital signatures with DSA [27], but an
additional package is provided for users outside the USA to add back
RSA-signature [19] support. This is implemented by providing
two shared libraries: libssl.so.1.0 has only function stubs for
RSA support, while libssl.so.1.1 contains full RSA support.
Notice that shared library minor-version number changes typically
indicate interface-transparent bug fixes.
& D. Keromytis
4/26/1999