ISRG has been investing heavily in the Rustls TLS library over the past few years. Our goal is to create a library that is both memory safe and a leader in performance.
Back in January of this year we published a post about the start of our performance journey. We've come a long way since then and we're excited to share an update on Rustls performance today.
What is Rustls? Rustls is a memory safe TLS implementation with a focus on performance.
Unless the binary size difference is insane, who would say “oh well we were going to pick the library that wasn’t riddled with security issues but we decided to save 2MB instead, hope that makes you feel better about your $12m cybersecurity fine!”.
There are only going to be edge-cases where the binary size will really cause headache. Individual projects probably won’t worry too much about a size difference if it’s less than 10-20MB.
I don’t doubt that some places care about a 1MB size difference. After all, some embedded systems with limited storage need every megabyte they can spare.
I can’t be bothered to build them but looking at the releases on GitHub openssl 3.4.0 is 17.5mb and rustls is 2.6mb. both of these releases are source files not binaries but I don’t see how rustls could possibly be larger than openssl.
very nice, now let’s see that binary size.
Unless the binary size difference is insane, who would say “oh well we were going to pick the library that wasn’t riddled with security issues but we decided to save 2MB instead, hope that makes you feel better about your $12m cybersecurity fine!”.
There are only going to be edge-cases where the binary size will really cause headache. Individual projects probably won’t worry too much about a size difference if it’s less than 10-20MB.
my whole career is those edge cases
I don’t doubt that some places care about a 1MB size difference. After all, some embedded systems with limited storage need every megabyte they can spare.
You want lto = full and opt-level = s my dude/dudette
yes, i know people that will pay 12m to save 2mb.
I can’t be bothered to build them but looking at the releases on GitHub openssl 3.4.0 is 17.5mb and rustls is 2.6mb. both of these releases are source files not binaries but I don’t see how rustls could possibly be larger than openssl.
Comparing source code sizes is completely meaningless. Rust projects are usually smaller with far more granular dependencies.