id	summary	reporter	owner	description	type	status	priority	milestone	component	version	resolution	keywords	cc	uname	nginx_version
770	Enable PolarSSL or Botan as a compile-time alternative to OpenSSL	launchpad.net/~posita		"Timing attacks have plagued OpenSSL for over a decade. Having more than one choice for a TLS library is likely a good thing.

To my knowledge, no one has attempted to integrate nginx with Botan (http://botan.randombit.net/), however several forks of nginx have enabled mbed TLS (formerly PolarSSL; https://tls.mbed.org/) support:

* https://github.com/Yawning/nginx-polarssl
* https://github.com/alinefr/nginx-polarssl (fork of Yawning's effort)

There are, of course, other options (https://en.wikipedia.org/wiki/Comparison_of_TLS_implementations), but Botan and mbed TLS both show promise. As of this writing, they are the only two libraries to support Curve25519 (which is kind of embarrassing for the rest of the world, but I digress...)."	enhancement	new	minor		nginx-core	1.9.x		ssl security			n/a