Amazon发布开源TLS工具s2n解决OpenSSL问题
在接下来的几个月里,amazon会部署s2n,用户则不需要做任何操作。
Amazon s2n是对libSSL(两个openssl的主库之一)的替换。
S2n的支持范围:
s2n implements SSLv3, TLS1.0, TLS1.1, and TLS1.2. For encryption, s2n supports 128-bit and 256-bit AES, in the CBC and GCM modes, 3DES, and RC4. For forward secrecy, s2n supports both DHE and ECDHE. s2n also supports the Server Name Indicator (SNI), Application-Layer Protocol Negotiation (ALPN) and the Online Certificate Status Protocol (OCSP) TLS extensions. SSLv3, RC4, and DHE are each disabled by default for security reasons.
详见AWS官方博客:https://blogs.aws.amazon.com/security/post/TxCKZM94ST1S6Y/Introducing-s2n-a-New-Open-Source-TLS-Implementation。