OpenSSL Conference

For more than a decade, pyca/cryptography has been the most widely used cryptography library in the Python ecosystem, and for that entire period, we've relied on OpenSSL to provide core cryptographic algorithms, while also supporting various OpenSSL forks. However, we've also made changes to how we use OpenSSL in that period: we increasingly handle X.509 (including path building and parsing), as well as key parsing and serialization ourselves. This talk will cover lessons learned, and opportunity for improvement in OpenSSL, including API design, performance, and testing.