Boost logo

Boost :

From: Gavin Lambert (boost_at_[hidden])
Date: 2020-02-26 00:21:58

On 25/02/2020 22:00, Mike wrote:
>> Gesendet: Montag, 24. Februar 2020 um 17:00 Uhr
>> Von: "Kostas Savvidis via Boost" <boost_at_[hidden]>
>>> On Feb 24, 2020, at 12:34, Mike via Boost <boost_at_[hidden]> wrote:
>>> I can't speak for the boost community, but I guess another big question mark is probably
>>> long term support and response to security vulnerabilities.
>> +1 --- If it is not written by people with academic credentials in cryptography
>> and does not come with an independent
>> security audit from the same it should be a clear no go.
> I have to wonder though: Did/does Openssl/libressl actually satisfy those criteria?

FWIW, when I need something outside of TLS, I usually reach for Crypto++
( ).

It has been formally FIPS validated in the past, but the latest version
hasn't been re-validated (since that requires constant $$$).

Overall though I agree with Vinnie -- Boost should in general not
reimplement any algorithms; at most it should provide a unifying
interface around existing proven libraries.

Boost list run by bdawes at, gregod at, cpdaniel at, john at