On Thu, Sep 1, 2016 at 10:43 PM, Jack Moffitt <j...@metajack.im> wrote: > One reason I would like to see the NSS bindings is that other projects > in the Rust ecosystem may need more confidence in the crypto bits or > functionality not yet implemented. Not every project in Rust is as > pre-production as Servo. NSS bindings are also likely to be better > maintained than the existing OpenSSL stuff with support from upstream.
You seem to have a lot of confidence in MoCo's ability to support a project on its own, and very little confidence in the Rust ecosystem to maintain its chosen solutions. It seems very unlikely that Rust projects will move to NSS over OpenSSL or *ring* once bindings for NSS are available and mature enough; you also seem to evaluate the current state of rust-openssl and *ring*/rustls against some future where NSS bindings exist, discounting any progress that the other projects will make in the mean time. It may be comfortable from a MoCo perspective to rely on MoCo staff/funding, but this mostly feels like "no one ever got fired for buying IBM". Wouldn't it be great if Mozilla and the Rust community actually aligned to advance and mature Rust crypto? Cheers, Dirkjan _______________________________________________ dev-servo mailing list dev-servo@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-servo