2025-10-07 –, Belvedere II/ Community, Contribution & the Future
For more than a decade, pyca/cryptography has been the most widely used cryptography library in the Python ecosystem, and for that entire period, we've relied on OpenSSL to provide core cryptographic algorithms, while also supporting various OpenSSL forks. However, we've also made changes to how we use OpenSSL in that period: we increasingly handle X.509 (including path building and parsing), as well as key parsing and serialization ourselves. This talk will cover lessons learned, and opportunity for improvement in OpenSSL, including API design, performance, and testing.
For more than a decade, pyca/cryptography has been the most widely used cryptography library in the Python ecosystem, and for that entire period, we've relied on OpenSSL to provide core cryptographic algorithms, while also supporting various OpenSSL forks. However, we've also made changes to how we use OpenSSL in that period: we increasingly handle X.509 (including path building and parsing), as well as key parsing and serialization ourselves. This talk will cover lessons learned, and opportunity for improvement in OpenSSL, including API design, performance, and testing.
Bio to be filled Bio to be filled Bio to be filled Bio to be filled Bio to be filled Bio to be filled Bio to be filled Bio to be filled Bio to be filled Bio to be filled Bio to be filled Bio to be filled
Alex is a software resilience engineer. He's current a Member of the Technical Staff at Anthropic. He's previously served as Deputy Chief Technologist for the Federal Trade Commission, tech lead for Firefox sandboxing, among others. He's also a long time open source contributor, asa maintainer of the Python Cryptographic Authority, core developer of CPython and PyPy, creator of the project that became Rust in the Linux kernel, and many others. Alex is based in Washington, DC and likes bagels and delis.