Rustls Outperforms OpenSSL and BoringSSL - Prossimo (www.memorysafety.org)
from snaggen@programming.dev to rust@programming.dev on 22 Oct 2024 18:16
https://programming.dev/post/20859618

#rust

threaded - newest

JoYo@lemmy.ml on 22 Oct 2024 19:49 next collapse

very nice, now let’s see that binary size.

Solemarc@lemmy.world on 22 Oct 2024 23:24 next collapse

I can’t be bothered to build them but looking at the releases on GitHub openssl 3.4.0 is 17.5mb and rustls is 2.6mb. both of these releases are source files not binaries but I don’t see how rustls could possibly be larger than openssl.

Username@feddit.org on 23 Oct 2024 00:26 collapse

Comparing source code sizes is completely meaningless. Rust projects are usually smaller with far more granular dependencies.

FizzyOrange@programming.dev on 23 Oct 2024 03:01 collapse

Unless the binary size difference is insane, who would say “oh well we were going to pick the library that wasn’t riddled with security issues but we decided to save 2MB instead, hope that makes you feel better about your $12m cybersecurity fine!”.

KamikazeRusher@lemm.ee on 23 Oct 2024 04:05 next collapse

There are only going to be edge-cases where the binary size will really cause headache. Individual projects probably won’t worry too much about a size difference if it’s less than 10-20MB.

JoYo@lemmy.ml on 23 Oct 2024 04:27 collapse

my whole career is those edge cases

KamikazeRusher@lemm.ee on 23 Oct 2024 10:51 collapse

I don’t doubt that some places care about a 1MB size difference. After all, some embedded systems with limited storage need every megabyte they can spare.

JoYo@lemmy.ml on 23 Oct 2024 04:28 collapse

yes, i know people that will pay 12m to save 2mb.

KamikazeRusher@lemm.ee on 23 Oct 2024 03:53 next collapse

Some of the notes highlight that performance differences in specific tests were due to AVX-512 support. I’d like to see a post going into detail about what challenges the libraries (or their dependencies) went through to get that integrated and how much of an increase came from it.

patrick@lemmy.bestiver.se on 23 Oct 2024 05:52 collapse

This article is so weird. “We outperformed our competitors because Intel improved the performance of the AWS owned cryptography library we use.”

So like…what did you guys do? Don’t get me wrong, I’m not saying that you did nothing, but your career would go better if you put it in the article that is specifically for bragging about your accomplishment.