Rustls

Joe Birr-Pixton started Rustls in 2016 and remains the lead developer as of 2024. The Internet Security Research Group (ISRG), a nonprofit organization based in the United States, has sponsored the project since 2021 as part of its Prossimo initiative. ISRG aims to make Rustls a viable alternative to OpenSSL, which is widely used by internet servers but difficult to use correctly and has had security bugs, such as Heartbleed, caused by memory-unsafe code. ISRG has paid several programmers to work on Rustls, including Birr-Pixton, Daniel McCarney, and Dirkjan Ochtman, using money contributed by Google and other companies and organizations. In 2023, the Open Source Security Foundation's Alpha-Omega initiative gave ISRG $530,000 for development of the option to use different cryptographic backends and for the separate project Rust for Linux. That money came from Google, Amazon Web Services, and Microsoft. Amazon Web Services also gave ISRG $1 million in 2023 for memory-safety projects including Rustls. The Sovereign Tech Fund, supported by the German government, gave $1.5 million to ISRG in 2023 for work on Rustls and other projects that provide memory-safe versions of open source tools critical to internet security. Craig Newmark Philanthropies granted $100,000 to ISRG for memory safety projects in 2024. Additional funding has come from Fly.io, a cloud platform that uses Rustls. The United States Office of the National Cyber Director has encouraged work on memory-safe security software and complimented the Rustls team. == Architecture and features ==

Rustls is a low-level software library focused on TLS implementation. By default Rustls uses cryptographic primitives from Amazon Web Services Libcrypto for Rust (aws-lc-rs), which supports Federal Information Processing Standards (FIPS). The project has experimental support for post-quantum cryptography: a key exchange method with a special key encapsulation mechanism (Kyber). Rustls uses its own fork of the webpki library to verify public key infrastructure certificates, a step in the TLS handshake. Rustls supports Server Name Indication (SNI), which allows a web server to serve multiple HTTPS websites at the same IP address with different certificates. It also supports TLS certificates that contain IP addresses instead of domain names. C programs can use Rustls through a foreign function interface API, rustls-ffi. Rustls also has an OpenSSL compatibility layer that allows configuring the widely-used Nginx web server to use Rustls instead of OpenSSL. Rustls is available under multiple free software licenses: Apache 2.0, MIT, and ISC. In 2019, benchmarks carried out by the Rustls developer showed better performance than OpenSSL. In 2024 the project conducted new performance comparisons with the latest version of OpenSSL, which showed some scenarios where Rustls was faster or more efficient and some where OpenSSL performed better. == Uses ==

Like other TLS implementations, a computer user may use Rustls without being aware of it, as an underlying part of an application or website. A programmer can use Rustls directly or by configuring a higher-level library or tool to use it. In particular, Rustls is used by some projects that want to ensure they have a secure software supply chain. The US Cybersecurity and Infrastructure Security Agency has recommended using products in memory safe languages as part of its "Secure by Design" initiative. Some libraries support Rustls as one of several choices for TLS implementations. The reqwest HTTP client library offers the option to use Rustls for TLS instead of the system's default TLS library (for example, on Windows the default is the Security Support Provider Interface). In 2020 an ISRG software engineer enabled using Rustls as a TLS backend for cURL. s2n-quic, an implementation of the QUIC network protocol in Rust, supports both Rustls and s2n-tls for TLS. In 2021 Google funded the creation of mod_tls, a new TLS module for Apache HTTP Server using Rustls. The new module is intended to be a successor to the mod_ssl module that uses OpenSSL, as a more secure default. As of August 2024, mod_tls is available in the latest version of Apache but still marked as experimental. The Internet Society, a nonprofit that advocates for an open and secure internet, suggests that organizations use this module as a step toward increasing memory safety. Rustls is the default TLS implementation in some applications. The utility program cargo_audit, which checks Rust project dependencies for security vulnerabilities, uses Rustls. Linkerd, which "adds security, observability, and reliability to any Kubernetes cluster", includes a proxy server built with Rustls. Wolfi, a tool for making memory-safe Linux containers, uses Rustls. In 2024, ISRG announced plans to start replacing OpenSSL with Rustls in Let's Encrypt, their free certificate authority used by hundreds of millions of websites. == See also ==