

PolarSSL is now a part of ARM - fcambus
https://polarssl.org/tech-updates/blog/polarssl-part-of-arm

======
_stephan
Congratulations!

Who knows, maybe a part of the "exciting plans for 2015" is to release
PolarSSL under a liberal open source license...

~~~
edent
It's GPL 2 - [https://polarssl.org/how-to-get#open-
source](https://polarssl.org/how-to-get#open-source)

I'm not saying that's the nadir of licenses - but it's pretty good, no?

~~~
feld
GPLv2 crypto will never dethrone OpenSSL

~~~
rurban
Who should care if GPL is bad for a SSL library? First of all it needs to be
correct and PolarSSL is the only one in this field. It is trusted, and it is
fast enough.

I would never trust GnuTLS, NSS or OpenSSL over PolarSSL.

~~~
getsat
> Who should care if GPL is bad for a SSL library?

An entity which actually ships software?

------
nly
I would have expected Facebook or Google to do this ages ago. Particularly
Google, rather than pursuing 'BoringSSL'. Still, it's nice to see new and
different flows of investment in to TLS. I hope this is a sign that at least
one British company is taking our privacy and security seriously.

~~~
tptacek
Why exactly would Google want to buy someone else's SSL library?

------
shanemhansen
Clearly ARM sees an opportunity for synergy with PolarSSL. I've built a few
services on top of ARM based SOC and being able to fully utilize on onboard
cryptographic coprocessor for file serving applications can be a performance
challenge.

There are some options [[http://www.altechnative.net/2011/05/22/hardware-
accelerated-...](http://www.altechnative.net/2011/05/22/hardware-accelerated-
ssl-on-marvell-kirkwood-arm-using-openssl-on-fedora/)] for getting openssl
hardware accelerated on common arm boards, but it could be made much easier to
get a performant configuration if PolarSSL and ARM worked together.

I hope that this acquisition will pave the way to an encrypted internet of
things.

~~~
ChuckMcM
Exactly! A common SSL that works on all ARM SOCs that you can get for 'free'
from ARM is critical to the security of distributed smart devices. If done
well, this can be a huge win.

------
clopez
What exactly it means that PolarSSL (a crypto library) is now part of ARM (a
CPU architecture) ???

~~~
Tarang
It probably means ARM will create ASIC type encryption on their chips. May be
helpful saving battery life.

~~~
notacoward
It _might_ , but I wouldn't say _probably_. It might also mean more resources
devoted to ensuring that PolarSSL runs well on the ARM architectures/chips
that are (or will be) out there anyway. That's probably more interesting to
most people, except for those making dedicated network hardware.

~~~
xgbi
I don't see the problem, PolarSSL runs on ARM very well!

~~~
notacoward
Who said there was a problem? I'm sure PolarSSL runs very well on ARM already.
However, it's also extremely likely that it could run even better if the
PolarSSL developers were more fully plugged into what the people who work on
the ARM crypto hardware know. It's amazing what one can do if one knows
_exact_ details of what's going on within each functional unit, between them
on the internal coherency bus, etc. ARM probably saw an opportunity, not a
problem.

~~~
bravo22
I don't think it is that. ARM doesn't make the crypto. The SoC makers put
their own crypto cores so it wouldn't help ARM that way.

I think just like they bought Keil (a dev tools maker) this is a strategy play
to make it easier for end devs to add SSL or other crypto to their products.
One shop solution.

~~~
notacoward
Actually ARM does make crypto. It's part of ARMv8, licensable as an option for
at least the Cortex-A53.

[http://infocenter.arm.com/help/topic/com.arm.doc.ddi0500e/DD...](http://infocenter.arm.com/help/topic/com.arm.doc.ddi0500e/DDI0500E_cortex_a53_r0p3_trm.pdf)
(section 2.1.4)

There are undoubtedly other bits as well, as part of their "trusted computing"
blahblah. Even if that weren't the case, knowing more about the internals of
current and upcoming ARM IP could help optimize even an all-software
implementation of PolarSSL. You could be right that it's mostly about "one
stop shopping" but that doesn't mean there won't be other benefits.

~~~
bravo22
You are correct.

However, Trusted Computing crypto is different than the crypto accelerators
you find as peripherals in an SoC.

I should have been more clear that I meant crypto peripherals. There are
crypto instruction extensions but don't require a separate library
implementation -- just asm code optimization in something like openSSL.

PolarSSL is also targeted (mainly) towards much lower power than A53 or
Cortex-A. It is targeted towards Cortex-M where you are dealing with KB of
data and often don't have an MMU. You can't just port OpenSSL to those
platforms and run it at will, hence their optimized libraries.

------
ctz
I guess this is part of ARM's IoT push.

~~~
errordeveloper
It's funny how in issue #1 users are asking for DTLS. I'm pretty sure this is
what's finally going to get implemented and probably will appear in mbed OS
soon too.

[https://github.com/polarssl/polarssl/issues/1](https://github.com/polarssl/polarssl/issues/1)
[http://mbed.org/technology/os/](http://mbed.org/technology/os/)

