We're almost 5 years after Heartbleed. What is now the best SSL library to use?

5 points by forgot-my-pw ↗ HN

2 comments

[ 2.9 ms ] story [ 13.2 ms ] thread
I've used mbedtls for a few things but I don't see openssl going anywhere.
BoringSSL if you can, otherwise most projects still keep using openssl over libressl. LibreSSL API changes were a bit too radical to be widely adopted, and mbedtls or pornin's BearSSL is too different, though much better on recent attacks.

I would summarize Google did a better job than the OpenBSD folks. Pornin's BearSSL is also extremely good.