Here is something interesting, TLS Version 1.2 has been the required standard for protection by the US Government since December 2010 due to no longer allowing MD5 to be used in certain cases.<p><a href="https://blogs.oracle.com/xuelei/entry/tls_and_nist_s_policy" rel="nofollow">https://blogs.oracle.com/xuelei/entry/tls_and_nist_s_policy</a><p>This has actually been interesting for those of us in the government sector since TLS 1.2 for example is not yet supported by so many different libraries/clients that I know of people having to get exceptions for their products to still be deployed in federal instances...
Hmm, at the moment I'm writing something in Ruby using OpenSSL, where a Socket object becomes an OpenSSL::SSL::SSLSocket<p>It's an absolute nightmare. It won't stay alive for more than 10 minutes without some form of OpenSSL error, and I've even managed to create some kind of weird condition where pure bytes and other garbage are read off the socket<p>What really concerns me is the lack of documentation for this. It's SSL, out of any piece of Ruby I would like it to be the most documentated/most maintained/easy to find help with piece, but instead, I've been stuck with this giant piece of broken code for three months with no idea where to et help<p>The point being, it's all very well saying massive companies with engineers on tap are supporting these technologies. But for a startup with one person at the keyboard, they are figuratively screwed. I'm still holding out for the possibility that there is somewhere in the world someone who understands how to securely handle OpenSSL sockets in Ruby, I really do.<p>I refuse to go to MVP with a server which is raising exceptions left right and center, and at the moment, that's gonna kill the startup dead in its tracks.