From: Vinnie Falco (vinnie.falco_at_[hidden])
Date: 2019-09-11 01:38:14
On Tue, Sep 10, 2019 at 6:04 PM Alex Christensen via Boost
> At https://github.com/boostorg/asio/pull/283 <https://github.com/boostorg/asio/pull/283>
> Iâve attached a proof-of-concept which explores making ASIO secure by default.
This looks like nonsense to me.
`asio::ssl::stream` is a layered stream  which is implemented in
terms of operations on an instance of the NextLayer type. For example,
the next layer type is tcp::socket, which meets the requirements of
SyncReadStream, SyncWriteStream, AsyncReadStream, and
AsyncWriteStream. Asio's ssl::stream can work with any type which
meets the requirements. Here's an example that uses Beast's test
What you have done is ignore the elegant concept-driven design of
Asio, and instead invest energy to pursue some religious agenda
("secure by default"). The result is a less functional networking
component. Here's are two more examples which cannot be implemented
with your design:
This one provides real-time counts of encrypted bytes read and written 
This one supports inline timeouts, delivered as the error code
You should have come to me first so I could spare you the wasted
effort by explaining that your design is crippled out of the box. It
isn't too late, I am more than happy to help you find more productive
uses of your time.
Boost list run by bdawes at acm.org, gregod at cs.rpi.edu, cpdaniel at pacbell.net, john at johnmaddock.co.uk