-
Notifications
You must be signed in to change notification settings - Fork 593
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ConfigBuilder: default crypto provider #1409
Comments
I think we discussed this in a PR, but I can't find it now. Some history:
IIRC the thought was that people should be aware of which crypto provider they pull in, since it's a security-sensitive choice. However, it does also make sense to me that we should probably have a fast path for the default backend that doesn't require an extra import. Given that the As for how to then spell the choice between alternative providers, it might make sense to tackle #1372 first before we make further changes here. |
I was thinking of something like:
(Note |
Er, didn't really read the above comment from djc fully. I think we'd have to move |
We could make a lot of things easier if we used dynamic dispatch, so that the type of the |
I think, on reflection, I'd prefer that. Just because, like you say, the type of the |
Rough sketch of this on #1448 -- the API The answer to the performance question is a small but consistent improvement, which is odd but perhaps not at a significant level. Noteworthy instruction count differences
|
Right now on
main
the way to build a ClientConfig or ServerConfig is:This has two downsides:
Most users don't care about the crypto provider backend and are happy to use whatever good default rustls provides.
It would be better if the basic config builder boilerplate did not specify the crypto provider, leaving it up to rustls. That would minimize the mental overhead for users; and it would also allow us to change the default on the rustls side without requiring all users to update their code.
Because the crypto provider is part of the type parameters of ClientConfig, ServerConfig, and (transitively) ConfigBuilder, this might be a little challenging to achieve, but I think it's possible. At a minimum we would have to document that the type parameter could change across versions.
Here's a straw proposal:
The text was updated successfully, but these errors were encountered: