Comparison of TLS implementations

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by Manuel (mpg) (talk | contribs) at 13:21, 24 November 2012 (Supported elliptic curves: disambiguate NSS link). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

The Transport Layer Security (TLS) protocol provides the ability to secure communications across networks. Several TLS implementations are free and open source software, and choosing between the available implementations can be tough. Below is a side-by-side comparison of several of the most prominent libraries.

All comparison categories use the stable version of each implementation listed in the overview section. The comparison is limited to features that directly relate to the TLS protocol.

Overview

| Implementation | Developed By | Open Source | Software License | Copyright Owner | Latest Stable Version | Release Date | Origin | Website |
| --- | --- | --- | --- | --- | --- | --- | --- | --- |
| axTLS | Cameron Rich | Yes | BSD style licensing | Cameron Rich | 1.4.8 | 2012-07-01 | Australia | http://axtls.sourceforge.net/ |
| cryptlib | Peter Gutmann | Yes | Sleepycat License and commercial license | Peter Gutmann | 3.4.1 | 2011-07-07 | NZ | http://www.cs.auckland.ac.nz/~pgut001/cryptlib/ |
| CyaSSL | yaSSL | Yes | GPLv2 and commercial license | yassl.com | 2.4.0 | 2012-10-10 | US | http://www.yassl.com |
| GnuTLS | GnuTLS project | Yes | LGPL | Free Software Foundation | 3.1.3 | 2012-10-13 | EU (Greece and Sweden) | http://www.gnutls.org/ |
| hs-tls | Vincent Hanquez | Yes | BSD style licensing | Vincent Hanquez | 1.0.1 | 2012-10-30 | EU | http://github.com/vincenthz/hs-tls, http://hackage.haskell.org/package/tls |
| MatrixSSL | PeerSec Networks | No | Proprietary | PeerSec Networks | 3.3 | 2012-02-22 | US | http://www.matrixssl.org |
| MatrixSSL-open | PeerSec Networks | Yes | GPLv2 | PeerSec Networks | 3.3 | 2012-02-22 | US | http://www.matrixssl.org |
| NSS | | Yes | Mozilla Public License | NSS contributors | 3.14[1] | 2012-10-22 | US | http://www.mozilla.org/projects/security/pki/nss/ |
| OpenSSL | OpenSSL project | Yes | OpenSSL / SSLeay dual-license | Eric Young, Tim Hudson, Sun, OpenSSL project, and others | 1.0.1c | 2012-05-10 | Australia/EU | http://openssl.org/ |
| PolarSSL | Offspark | Yes | GPLv2 and commercial license | Brainspark B.V. (brainspark.nl) | 1.2.0 | 2012-10-31 | EU (Netherlands) | http://polarssl.org |
| SChannel | Microsoft | No | Proprietary | Microsoft Inc. | Windows 7 | 2009-10-22 | US | http://microsoft.com |
| Secure Transport | Apple Inc. | Yes | APSL 2.0 | Apple Inc. | 55003 (Mac OS X 10.7.3) | 2012-02-01 | U.S. | Source: http://www.opensource.apple.com/, Documentation: http://developer.apple.com/ |
| Security Builder SSL-C | Certicom | No | Proprietary | Certicom Corp., A Subsidiary of Research In Motion | 5.5.1 | 2011-02-28 | Canada | http://www.certicom.com |
| JSSE | Oracle | Yes | GPLv2 and commercial license | Oracle | JDK 6, JDK 7 | 2011-02-03 (ea snapshot release) | US | http://openjdk.java.net/, http://www.java.net/, http://www.java.com/ |

Protocol Support

Several versions of the TLS protocol exist. SSL 2.0 is a deprecated protocol, vulnerable to several attacks. SSL 3.0 and TLS 1.0 are its successors without any major known vulnerabilities. TLS 1.1 fixes all the known issues in TLS 1.0, and TLS 1.2 is the latest published version, introducing new features. DTLS 1.0 or Datagram TLS is a modification of TLS 1.1 for a packet-oriented transport layer, where packet loss and packet reordering have to be tolerated.

Note that there are known vulnerabilities in SSL 2.0, SSL 3.0 and TLS 1.0[2] protocols.

| Implementation | SSL 2.0[3] | SSL 3.0[4] | TLS 1.0[5] | TLS 1.1[6] | TLS 1.2[7] | DTLS 1.0[8] | DTLS 1.2[9] |
| --- | --- | --- | --- | --- | --- | --- | --- |
| axTLS | No[10] | No | Yes | Yes | No | No | No |
| cryptlib | No | Yes | Yes | Yes | Yes | No | No |
| CyaSSL | No | Yes | Yes | Yes | Yes | Yes | No |
| GnuTLS | No[10] | Yes | Yes | Yes | Yes | Yes | No |
| hs-tls | No | Yes | Yes | Yes | Yes | No | No |
| MatrixSSL-open | No | Yes | Yes | Yes | No | No | No |
| NSS | Disabled by default | Yes | Yes | Disabled by default[1] | No | Beta[1] | No |
| OpenSSL | Yes | Yes | Yes | Yes[11] | Yes[11] | Yes | No |
| PolarSSL | No | Yes | Yes | Yes | Yes | No | No |
| SChannel | Yes | Yes | Yes | Yes | Yes | Yes[12] | Yes |
| Secure Transport | Disabled by default[a] | Yes | Yes | Yes[a] | Yes[a] | Yes[a] | No |
| Security Builder SSL-C | Yes | Yes | Yes | Yes | Yes | Yes | No |
| JSSE | No[10] | Yes | Yes | Yes | Yes | No | No |
  a. ^ Secure Transport: SSL 2.0 is disabled by default. TLS 1.1, 1.2 and DTLS are available on iOS 5.0 and later.[13]

CipherSuite Profiles

| Implementation | TLS 1.2 Suite B |
| --- | --- |
| axTLS | No |
| cryptlib | Yes |
| CyaSSL | Yes |
| GnuTLS | Yes |
| hs-tls | No |
| NSS | No |
| MatrixSSL | Yes |
| OpenSSL | No |
| PolarSSL | No |
| SChannel | No |
| Secure Transport | unknown |
| Security Builder SSL-C | Yes |
| JSSE | No |

Key Exchange Algorithms (Certificate-only)

This section lists the certificate verification functionality available in the various implementations.

| Implementation | RSA[7] | RSA-EXPORT[7] | DHE-RSA[7] | DHE-DSS[7] | ECDH-ECDSA[14] | ECDHE-ECDSA[14] | ECDH-RSA[14] | ECDHE-RSA[14] | VKO GOST R 34.10-2001[15][16] |
| --- | --- | --- | --- | --- | --- | --- | --- | --- | --- |
| axTLS | Yes | No | No | No | No | No | No | No | No |
| cryptlib | Yes | No | Yes | Yes | No | Yes | No | No | No |
| CyaSSL | Yes | No | Yes | No | Yes | Yes | Yes | Yes | No |
| GnuTLS | Yes | Yes | Yes | Yes | No | Yes | No | Yes | No |
| hs-tls | Yes | No | No | No | No | No | No | No | No |
| MatrixSSL | Yes | No | Yes | No | Yes | Yes | Yes | Yes | No |
| MatrixSSL-open | Yes | No | No | No | No | No | No | No | No |
| NSS | Yes | Yes[17] | Partial[18] | Partial[18] | Yes | Yes | No | Yes | No |
| OpenSSL | Yes | Yes | Yes | Yes | No | Yes | No | Yes | Yes |
| PolarSSL | Yes | No | Yes | No | No | No | No | No | No |
| SChannel | Yes | No | No | Yes | No | Yes | No | Yes | No[19] |
| Security Builder SSL-C | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | No |
| JSSE | Yes | Yes | Yes | Yes | Yes | Yes | No | No | No[19] |

Certificate Verification Methods

Implementation Application-defined PKIX path validation[7] DANE (DNSSEC)[7] Trust on First Use (TOFU)
axTLS Yes No No
cryptlib Yes No No
CyaSSL Yes No No
GnuTLS Yes Yes Yes
hs-tls Yes Yes No No
MatrixSSL Yes No No
MatrixSSL-open Yes No No
NSS Yes Yes No No
OpenSSL Yes No No
PolarSSL Yes No No
SChannel Yes No No
Security Builder SSL-C Yes No No
JSSE Yes No No

Key Exchange Algorithms (Alternative key-exchanges)

| Implementation | DH-ANON[7] | SRP[20] | SRP-DSS[20] | SRP-RSA[20] | PSK-RSA[21] | PSK[21] | DHE-PSK[21] | ECDHE-PSK[22] | ECDH-ANON[14] |
| --- | --- | --- | --- | --- | --- | --- | --- | --- | --- |
| axTLS | No | No | No | No | No | No | No | No | No |
| cryptlib | No | No | No | No | No | Yes | Yes | No | No |
| CyaSSL | No | No | No | No | No | Yes | No | No | No |
| GnuTLS | Yes | Yes | Yes | Yes | No | Yes | Yes | Yes | Yes |
| hs-tls | No | No | No | No | No | No | No | No | No |
| MatrixSSL | Yes | No | No | No | No | Yes | No | No | No |
| MatrixSSL-open | No | No | No | No | No | No | No | No | No |
| NSS | No | No | No | No | No | No | No | No | No |
| OpenSSL | Yes | Yes | No | No | No | Yes | No | No | Yes |
| PolarSSL | No | No | No | No | No | No | No | No | No |
| SChannel | No | No | No | No | No | No | No | No | No |
| Security Builder SSL-C | Yes | No | No | No | Yes | Yes | Yes | Yes | Yes |
| JSSE | Yes | No | No | No | No | No | No | No | No |

Encryption Algorithms

| Implementation | AES-CBC | AES-GCM[23] | AES-CCM[24] | 3DES-CBC | DES-CBC (Insecure) | RC4-128 | RC4-40 (Insecure) | CAMELLIA-CBC[25] | GOST28147-89[15] |
| --- | --- | --- | --- | --- | --- | --- | --- | --- | --- |
| axTLS | Yes | No | No | No | No | Yes | No | No | No |
| cryptlib | Yes | Yes | No | Yes | No | Yes | No | No | No |
| CyaSSL | Yes | Yes | No | Yes | No | Yes | No | No | No |
| GnuTLS | Yes | Yes | No | Yes | No | Yes | Disabled by default | Yes | No |
| hs-tls | Yes | No | No | No | No | Yes | No | No | No |
| MatrixSSL | Yes | Yes | No | Yes | No | Yes | No | No | No |
| MatrixSSL-open | Yes | No | No | Yes | No | Yes | No | No | No |
| NSS | Yes | Yes | No | Yes | Disabled by default | Yes | Disabled by default | Disabled by default | No |
| OpenSSL | Yes | Yes[11] | No | Yes | Yes | Yes | Yes | Yes | Yes |
| PolarSSL | Yes | Yes | No | Yes | Disabled by default | Yes | No | Yes | No |
| SChannel | Yes | Partial[26] | No | Yes | Yes | Yes | No | No | No[19] |
| Security Builder SSL-C | Yes | Yes | No | Yes | Yes | Yes | Yes | No | No |
| JSSE | Yes | No | No | Yes | Yes | Yes | Yes | No | No[19] |

Supported elliptic curves

This section lists the elliptic curves supported by each implementation.

| Curve | CyaSSL | GnuTLS | NSS | OpenSSL |
| --- | --- | --- | --- | --- |
| Arbitrary curves | No | No | No | No |
| Arbitrary char2 curves | No | No | No | No |
| sect163k1 (1) | No | No | Yes | Yes |
| sect163r1 (2) | No | No | Yes | Yes |
| sect163r2 (3) | No | No | Yes | Yes |
| sect193r1 (4) | No | No | Yes | Yes |
| sect193r2 (5) | No | No | Yes | Yes |
| sect233k1 (6) | No | No | Yes | Yes |
| sect233r1 (7) | No | No | Yes | Yes |
| sect239k1 (8) | No | No | Yes | Yes |
| sect283k1 (9) | No | No | Yes | Yes |
| sect283r1 (10) | No | No | Yes | Yes |
| sect409k1 (11) | No | No | Yes | Yes |
| sect409r1 (12) | No | No | Yes | Yes |
| sect571k1 (13) | No | No | Yes | Yes |
| sect571r1 (14) | No | No | Yes | Yes |
| secp160k1 (15) | No | No | Yes | Yes |
| secp160r1 (16) | Yes | No | Yes | Yes |
| secp160r2 (17) | No | No | Yes | Yes |
| secp192k1 (18) | No | No | Yes | Yes |
| secp192r1 (19) | Yes | Yes | Yes | Yes |
| secp224k1 (20) | No | No | Yes | Yes |
| secp224r1 (21) | Yes | Yes | Yes | Yes |
| secp256k1 (22) | No | No | Yes | Yes |
| secp256r1 (23) | Yes | Yes | Yes | Yes |
| secp384r1 (24) | Yes | Yes | Yes | Yes |
| secp521r1 (25) | Yes | Yes | Yes | Yes |

Assisted cryptography

This section lists the ability of an implementation to take advantage of CPU instruction sets that optimize encryption, or to use system-specific devices that allow access to underlying cryptographic hardware for acceleration or for data separation.

| Implementation | /dev/crypto | PKCS #11 device | Windows CSP | Intel AES-NI | VIA PadLock |
| --- | --- | --- | --- | --- | --- |
| axTLS | No | No | No | No | No |
| cryptlib | No | Yes | No | No | Yes |
| CyaSSL | No | No | No | Yes | No |
| GnuTLS | Yes | Yes | No | Yes | Yes |
| hs-tls | No | No | No | Yes | No |
| MatrixSSL | No | Yes | No | No | No |
| MatrixSSL-open | No | No | No | No | No |
| NSS | No | Yes[27] | No | Yes | No |
| OpenSSL | Yes | No | No | Yes | Yes |
| PolarSSL | No | Yes | No | No | Yes |
| SChannel | No | No | Yes | Yes | No |
| Security Builder SSL-C | No | Yes | No | No | No |
| JSSE | No | Yes | Yes | No | No |

MAC Functions

| Implementation | AEAD | HMAC-MD5 | HMAC-SHA-1 | HMAC-SHA-256 | GOST28147-89-MAC[15] | GOST 34.11-94[15] |
| --- | --- | --- | --- | --- | --- | --- |
| axTLS | No | Yes | Yes | No | No | No |
| cryptlib | Yes | Yes | Yes | Yes | No | No |
| CyaSSL | No | Yes | Yes | Yes | No | No |
| GnuTLS | Yes | Yes | Yes | Yes | No | No |
| hs-tls | Yes | Yes | Yes | Yes | No | No |
| MatrixSSL | No | Yes | Yes | Yes | No | No |
| MatrixSSL-open | No | Yes | Yes | No | No | No |
| NSS | No | Yes | Yes | Yes | No | No |
| OpenSSL | No | Yes | Yes | Yes | Yes | Yes |
| PolarSSL | Yes | Yes | Yes | Yes | No | No |
| SChannel | Yes | Yes | Yes | Yes | No[19] | No[19] |
| Security Builder SSL-C | Yes | Yes | Yes | Yes | No | No |
| JSSE | No | Yes | Yes | Yes | No[19] | No[19] |

Compression

| Implementation | DEFLATE[28] |
| --- | --- |
| axTLS | No |
| cryptlib | No |
| CyaSSL | Yes |
| GnuTLS | Disabled by default |
| MatrixSSL | No |
| MatrixSSL-open | No |
| NSS | Disabled by default |
| OpenSSL | Yes |
| PolarSSL | Yes |
| SChannel | No |
| Security Builder SSL-C | Yes |
| JSSE | No |

Cryptographic module/token support

Implementation TPM support Hardware token support Objects identified via
axTLS No No
cryptlib No PKCS11 User-defined label
CyaSSL No No
GnuTLS Yes PKCS11 PKCS #11 URLs[29]
MatrixSSL No PKCS11
MatrixSSL-open No No
NSS No PKCS11
OpenSSL Yes PKCS11 (via external module) Custom method
PolarSSL No PKCS11 (via libpkcs11-helper) or standard hooks
SChannel No Microsoft CryptoAPI UUID, User-defined label
Security Builder SSL-C No PKCS11 (via external module)
JSSE No PKCS11 Java Cryptography Architecture/Java Cryptography Extension

Extensions

In this section the extensions each implementation supports are listed. Note that the Secure Renegotiation extension is critical for HTTPS client security. TLS clients not implementing it are vulnerable to attacks, irrespective of whether the client implements TLS renegotiation.

| Implementation | Secure Renegotiation[30] | Server Name Indication[31] | Certificate Status Request[31] | OpenPGP[32] | Supplemental Data[33] | Session Ticket[34] | Keying Material Exporter[35] | Maximum Fragment Length[31] | Truncated HMAC[31] |
| --- | --- | --- | --- | --- | --- | --- | --- | --- | --- |
| axTLS | No | No | No | No | No | No | No | No | No |
| cryptlib | Yes | Yes | No | No | Yes | No | No | No[36] | No |
| CyaSSL | No | No | No | No | No | No | No | No | No |
| GnuTLS | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | No |
| hs-tls | Yes | Yes | No | No | No | No | No | Yes | No |
| MatrixSSL | Yes | No | No | No | No | Yes | No | Yes | No |
| MatrixSSL-open | Yes | No | No | No | No | No | No | No | No |
| NSS | Yes | Yes | No | No | No | Yes | No[37] | No | No |
| OpenSSL | Yes | Yes | Yes | No | No? | Yes | Yes? | No | No |
| PolarSSL | Yes | Yes | No | No | No | No | No | No | No |
| SChannel | Yes | Yes | Yes | No | Yes | No | No | No | No |
| Security Builder SSL-C | Yes | Yes | No | No | No | Yes | No | Yes | No |
| JSSE | Yes | Partial[18] | No | No | No | No | No | No | No |

Code Size and Dependencies

| Implementation | Code size | Dependencies | Optional dependencies |
| --- | --- | --- | --- |
| axTLS | 12 kLoc | libc | |
| CyaSSL | 27 kLoc | libc | zlib (compression) |
| GnuTLS | 138 kLoc | libc, nettle or gcrypt | zlib (compression), p11-kit (PKCS #11) |
| hs-tls | 5 kLoc | Haskell | |
| MatrixSSL | 22 kLoc | libc | |
| MatrixSSL-open | 18 kLoc | libc | |
| NSS | 400 kLoc | libc, libnspr4, libsoftokn3, libplc4, libplds4 | zlib (compression) |
| OpenSSL | 159 kLoc | libc | zlib (compression) |
| PolarSSL | 14 kLOC | libc | libpkcs11-helper (PKCS #11), zlib (compression) |
| JSSE | 37 kLoc (Framework and Oracle provider) | Java | |

Development Environment

| Implementation | Namespace | Build Tools | API Manual | Crypto Back-end | OpenSSL Compatibility Layer |
| --- | --- | --- | --- | --- | --- |
| axTLS | SSL_CTX, SSL | Makefile, mconf | API Reference (HTML) | Included (monolithic) | Yes (limited) |
| cryptlib | crypt* | makefile, MSVC project workspaces | Programmers reference manual (PDF), architecture design manual (PDF) | Included (monolithic) | No |
| CyaSSL | CyaSSL_*, SSL_* | Autoconf, automake, libtool, MSVC project workspaces, XCode projects, CodeWarrior projects | Manual and API Reference (HTML, PDF) | Included (monolithic) | Yes (about 10% of API) |
| GnuTLS | gnutls_* | Autoconf, automake, libtool | Manual and API reference (HTML, PDF) | External, libnettle | Yes (limited) |
| hs-tls | Network.TLS.* | Cabal | API reference (HTML) | External, cryptohash, cryptocipher | No |
| MatrixSSL | matrixSsl_*, ps* | Makefile, MSVC project workspaces, Xcode projects for Mac OS X and iOS | API Reference (PDF) | Included (monolithic) | No |
| MatrixSSL-open | matrixSsl_*, ps* | automake, MSVC project workspaces, XCode projects | API Reference (PDF) | Included (monolithic) | No |
| NSS | CERT_*, SEC_*, SECKEY_*, NSS_*, PK11_*, SSL_*, ... | Makefile | Manual (HTML) | Included, PKCS#11 based[38] | Yes (separate package called nss_compat_ossl[39]) |
| OpenSSL | SSL_*, SHA1_*, MD5_*, EVP_*, ... | Makefile | Man pages | Included (monolithic) | Not Applicable |
| PolarSSL | ssl_*, sha1_*, md5_*, x509parse_*, ... | Makefile, CMake, MSVC project workspaces | API Reference + High Level and Module Level Documentation (HTML) | Included (monolithic) | No |
| Security Builder SSL-C | ssl_* | makefile | Programmers reference manual (PDF), User Guide (PDF) | Included (monolithic) | No |
| JSSE | javax.net.ssl | Makefile | API Reference (HTML) + JSSE Reference Guide | Java Cryptography Architecture/Java Cryptography Extension | |

Portability Concerns

| Implementation | Platform Requirements | Network Requirements | Thread Safety | Random Seed | Able to Cross-Compile | Supported Operating Systems |
| --- | --- | --- | --- | --- | --- | --- |
| axTLS | C89 | none | POSIX threads (optional) | /dev/urandom or platform dependent. | Yes | Generally any POSIX or Windows based platforms. |
| cryptlib | C89 | POSIX send() and recv(). API to supply your own replacement | Thread-safe. | Platform-dependent, including hardware sources | Yes | AMX, BeOS, ChorusOS, DOS, eCOS, FreeRTOS/OpenRTOS, uItron, MVS, OS/2, PalmOS, QNX Neutrino, RTEMS, Tandem NonStop, ThreadX, uC/OS II, Unix (AIX, FreeBSD, HPUX, Linux, OS X, Solaris, etc.), VDK, VM/CMS, VxWorks, Win16, Win32, Win64, WinCE/PocketPC/etc, XMK |
| CyaSSL | C89 | POSIX send() and recv(). API to supply your own replacement. | Thread-safe, needs mutex hooks if PThreads or WinThreads not available, can be turned off | Random seed set through CTaoCrypt | Yes | Win32/64, Linux, Mac OS X, Solaris, ThreadX, VxWorks, FreeBSD, NetBSD, OpenBSD, embedded Linux, Haiku, OpenWRT, iPhone (iOS), Android, Nintendo Wii and Gamecube through DevKitPro, QNX, MontaVista, OpenCL, NonStop, TRON/ITRON/µITRON, Micrium's µC OS, FreeRTOS, Freescale MQX, Nucleus |
| GnuTLS | C89 | POSIX send() and recv(). API to supply your own replacement. | Thread-safe, needs custom mutex hooks if neither POSIX nor Windows threads are available. | platform dependent | Yes | Generally any POSIX platforms or Windows, commonly tested platforms include GNU/Linux, Win32/64, Mac OS X, Solaris, OpenWRT, FreeBSD, NetBSD, OpenBSD. |
| hs-tls | Haskell | Haskell network library. | Thread-safe. | platform dependent | No | Generally any POSIX or Windows based platforms. |
| MatrixSSL | C89 | none | Thread-safe | platform dependent | Yes | |
| MatrixSSL-open | C89 | none | Thread-safe | platform dependent | Yes | |
| NSS | C89, NSPR[40] | NSPR[40] PR_Send() and PR_Recv(). API to supply your own replacement. | Thread-safe | Platform dependent[41] | Yes (but cumbersome) | AIX, Android, FreeBSD, NetBSD, OpenBSD, BeOS, HP-UX, IRIX, Linux, Mac OS X, OS/2, Solaris, OpenVMS, Amiga DE, Windows, WinCE, Sony PlayStation |
| OpenSSL | C89? | ? | Needs mutex callbacks | Set through native API | | Unix, DOS (with djgpp), Windows, OpenVMS, MacOS, NetWare |
| PolarSSL | C89 | POSIX read() and write(). API to supply your own replacement. | Thread-safe | Random seed set through HAVEGE random engine | Yes | Known to work on: Win32/64, Linux, Mac OS X, Solaris, FreeBSD, NetBSD, OpenBSD, OpenWRT, iPhone (iOS), Xbox |
| Security Builder SSL-C | C89 | Must write your own application callbacks for socket I/O | Thread-safe under certain documented conditions | platform dependent | Yes | |
| JSSE | Java | Java SE network components | Thread-safe | Depends on java.security.SecureRandom | Yes | Java based, platform-independent |

References

  1. ^ a b c "NSS 3.14 release notes". Mozilla Developer Network. Mozilla. Retrieved 2012-10-27.
  2. ^ "Bard attack". CiteSeerX 10.1.1.61.5887.
  3. ^ SSLv2 is insecure
  4. ^ RFC 6101
  5. ^ RFC 2246
  6. ^ RFC 4346
  7. ^ a b c d e f g h RFC 5246
  8. ^ RFC 4347
  9. ^ RFC 6347
  10. ^ a b c SSLv2 client hello is supported
  11. ^ a b c initial support in version 1.0.1 www.openssl.org/news/changelog.html
  12. ^ "An update is available that adds support for DTLS in Windows 7 SP1 and Windows Server 2008 R2 SP1". Microsoft. Retrieved 13 November 2012.
  13. ^ "Technical Note TN2287: iOS 5 and TLS 1.2 Interoperability Issues". iOS Developer Library. Apple Inc. Retrieved 2012-05-03.
  14. ^ a b c d e RFC 4492
  15. ^ RFC 4357
  16. ^ Disabled by default
  17. ^ a b c Client side only
  18. ^ a b c d e f g h Extensions to support this functionality might be available.
  19. ^ a b c RFC 5054
  20. ^ a b c RFC 4279
  21. ^ RFC 5489
  22. ^ RFC 5288
  23. ^ [1]
  24. ^ RFC 5932
  25. ^ Support is erratic, in many cases SChannel will simply drop the connection if a suite with this algorithm is specified.
  26. ^ Normally NSS's libssl performs all operations via the PKCS#11 interface, either to hardware or software tokens
  27. ^ RFC 3749
  28. ^ PKCS #11 URLs is a way to refer to objects stored in PKCS #11 tokens
  29. ^ RFC 5746
  30. ^ a b c d RFC 6066
  31. ^ RFC 6091
  32. ^ RFC 4680
  33. ^ RFC 5077
  34. ^ RFC 5705
  35. ^ Present but disabled by default due to lack of use by any implementation.
  36. ^ Patch is available
  37. ^ On the fly replaceable/augmentable.
  38. ^ http://fedoraproject.org/wiki/Nss_compat_ossl
  39. ^ a b Netscape Portable Runtime (NSPR)
  40. ^ For Unix/Linux it uses /dev/urandom if available; for Windows it uses CAPI. For all platforms it gets data from the clock and tries to open system files. NSS has a set of platform-dependent functions it uses to determine randomness.