As part of our quality control and review process, wolfSSL is planning removal of obsolete and deprecated TLS protocol support from our mainline TLS library. TLS 1.0 and 1.1 were introduced in 1999 and 2006 respectively, and both versions were formally deprecated by RFC 8996 in 2021. As noted in the deprecation RFC, TLS 1.0 […]
Read MoreMore TagMonth: September 2024
Live Webinar: Everything You Ever Wanted to Know About How wolfSSL Runs on Xilinx
Explore how wolfSSL enhances security on Xilinx Devices in an upcoming webinar. Join wolfSSL software Developer Jacob Barthelmeh in our live webinar, Everything You Ever Wanted to Know About How wolfSSL Runs on Xilinx, on October 2nd at 10am PT. Dive into the world of secure embedded systems and discover how to optimize wolfSSL for […]
Read MoreMore TagPost-Quantum wolfHSM on Aurix Tricore
The title says it all!! If you have been paying any attention at all to us here at wolfSSL, you will know that we are very proud of our wolfHSM product that already runs on the Aurix Tricore. What we have not been focusing on is the post-quantum algorithms that work with wolfHSM. Let’s use […]
Read MoreMore TagwolfSSH with X.509 Certificates
Did you know wolfSSH can use X.509 certificates in place of SSH public keys? wolfSSH supports RFC 6187, “X.509v3 Certificates for Secure Shell Authentication”. This uses wolfSSL’s certificate management for TLS, so the certificates may be checked against CRLs and OCSP. wolfSSH has been used in applications as a server where it needed to validate […]
Read MoreMore TagFIPS vs FedRAMP Compliance and Requirements
The wolfSSL team has noticed an uptick in questions about FedRAMP requirements. Today, we want to cover the differences between FIPS and FedRAMP. FIPS: The Federal Information Processing Standards (FIPS) stipulate security requirements for cryptographic modules, which wolfSSL Inc. meets with our wolfCrypt FIPS module. NIST and the CMVP then encourage all federal programs using […]
Read MoreMore TagIntroducing rustls-wolfcrypt-provider: wolfCrypt for Rustls
rustls-wolfcrypt-provider integrates the wolfCrypt cryptographic library as a backend for Rustls, allowing developers to use wolfCrypt’s secure cryptographic functions with Rustls’ modern TLS stack. Currently in alpha, this library offers flexibility for those needing an alternative crypto provider, especially for projects requiring FIPS 140-3 readiness. Other reasons to consider wolfCrypt as your Rustls provider include […]
Read MoreMore TagLive Webinar: Everything You Need to Know about FIPS 140-3
Join us on September 25th at 10 AM PT for an in-depth look at FIPS 140-3 with wolfSSL Senior Software Engineer, Kaleb Himes. This is your chance to get the inside scoop on how FIPS 140-3 can enhance your security! Register Now: Everything You Need to Know about FIPS 140-3 Date: September 25th at 10am […]
Read MoreMore TagStrengthening RSA default minimum to 2048 bits
wolfSSL helps make the internet secure. Part of this task is continually updating our default settings to keep up with adversarial advancements. A recent article detailed the use of default RSA key sizes by an IoT manufacturer, which resulted in a 512 bit key being used for authentication. “The factoring required $70 in cloud computing […]
Read MoreMore TagExpressVPN’s Benchmark Results with wolfSSL
wolfSSL’s trusted partner, ExpressVPN, recently announced impressive cryptographic benchmark results comparing unaccelerated and hardware-accelerated performance with wolfSSL. Check out ExpressVPN’s benchmarks and download Lightway Core, ExpressVPN’s modern VPN protocol, on GitHub. If you have questions about any of the above, please contact us at facts@wolfSSL.com or +1 425 245 8247. Download wolfSSL Now
Read MoreMore TagAzure Removing TLS 1.0 & TLS 1.1
Are you prepared for the upcoming security enhancements in Azure, which will remove support for TLS 1.0 and TLS 1.1? By the end of October, Azure will no longer accept connections using TLS 1.0 and TLS 1.1 (Azure announcement). This is great news! The older TLS protocols are less secure compared to the newer TLS […]
Read MoreMore Tag