Josh Aas
@joshaas.bsky.social
Head of ISRG (Let’s Encrypt, Divvi Up, Prossimo).
We created a safer AV1 decoder, rav1d, by forking the dav1d decoder and rewriting the C code in Rust. It works great except our Rust is 5% slower than the C. We're not sure why so we're offering a $20k bounty to figure it out and make the Rust code faster. www.memorysafety.org/blog/rav1d-p...
$20,000 rav1d AV1 Decoder Performance Bounty
In March of 2023 we announced that we were starting work on a safer high performance AV1 decoder called rav1d, written in Rust. We partnered with Immunant to do the engineering work. By September of 2...
www.memorysafety.org
May 14, 2025 at 8:02 AM
We created a safer AV1 decoder, rav1d, by forking the dav1d decoder and rewriting the C code in Rust. It works great except our Rust is 5% slower than the C. We're not sure why so we're offering a $20k bounty to figure it out and make the Rust code faster. www.memorysafety.org/blog/rav1d-p...
Such great work from the Rustls devs.
I wrote a blog post about rustls performance on the server for the Prossimo blog; rustls comes out comparing well to the alternatives, and we’re still improving it!
www.memorysafety.org/blog/rustls-...
www.memorysafety.org/blog/rustls-...
Rustls Server-Side Performance
In past years, the Rustls project has been happy to receive substantial investments from the ISRG. One of our goals has been to improve performance without compromising on safety. We last posted about...
www.memorysafety.org
May 14, 2025 at 7:49 AM
Such great work from the Rustls devs.
Reposted by Josh Aas
Yesterday Chromium deleted our copy of `libavif` -- the last step of a year-long project replacing it with a new Rust library! :)
chromium-review.googlesource.com/c/chromium/s...
chromium-review.googlesource.com/c/chromium/s...
Gerrit Code Review
chromium-review.googlesource.com
January 25, 2025 at 5:56 AM
Yesterday Chromium deleted our copy of `libavif` -- the last step of a year-long project replacing it with a new Rust library! :)
chromium-review.googlesource.com/c/chromium/s...
chromium-review.googlesource.com/c/chromium/s...
Just announced the timeline for Let's Encrypt ending support for OCSP: letsencrypt.org/2024/12/05/e...
Ending OCSP Support in 2025
Earlier this year we announced our intent to provide certificate revocation information exclusively via Certificate Revocation Lists (CRLs), ending support for providing certificate revocation informa...
letsencrypt.org
December 5, 2024 at 4:54 PM
Just announced the timeline for Let's Encrypt ending support for OCSP: letsencrypt.org/2024/12/05/e...
Rustls multithreaded performance is fantastic. This is on an 80 core ARM machine.
November 29, 2024 at 3:30 PM
Rustls multithreaded performance is fantastic. This is on an 80 core ARM machine.
Ivan Ristić's TLS certificate monitoring service Hardenize is now Red Sift Certificates. Today they announced a free offering for monitoring up to 250 certificates, looks nice. blog.redsift.com/certificates...
Never miss an expiring certificate with Red Sift Certificates Lite
With Certificates Lite, you can monitor up to 250 certificates and receive email alerts 7 days before expiration. It’s simple, effective, and free.
blog.redsift.com
November 27, 2024 at 1:12 AM
Ivan Ristić's TLS certificate monitoring service Hardenize is now Red Sift Certificates. Today they announced a free offering for monitoring up to 250 certificates, looks nice. blog.redsift.com/certificates...
Reposted by Josh Aas
hyper in curl needs a champion.
A backing vendor or distro that wants it.❤️
Why? Report after report: Memory un-safety. Is. BAD.
A #rustlang HTTP backend in #curl has potential to make the internet safer. 🦀
But it needs a champion to back it, or it will go away. 🚀
seanmonstar.com/blog/hyper-i...
A backing vendor or distro that wants it.❤️
Why? Report after report: Memory un-safety. Is. BAD.
A #rustlang HTTP backend in #curl has potential to make the internet safer. 🦀
But it needs a champion to back it, or it will go away. 🚀
seanmonstar.com/blog/hyper-i...
hyper in curl Needs a Champion
tl;dr - hyper in curl is nearly complete, but it needs a champion. Without a partner actively engaged that wants to enable and ship, it’s now on the path for...
seanmonstar.com
November 19, 2024 at 3:01 PM
hyper in curl needs a champion.
A backing vendor or distro that wants it.❤️
Why? Report after report: Memory un-safety. Is. BAD.
A #rustlang HTTP backend in #curl has potential to make the internet safer. 🦀
But it needs a champion to back it, or it will go away. 🚀
seanmonstar.com/blog/hyper-i...
A backing vendor or distro that wants it.❤️
Why? Report after report: Memory un-safety. Is. BAD.
A #rustlang HTTP backend in #curl has potential to make the internet safer. 🦀
But it needs a champion to back it, or it will go away. 🚀
seanmonstar.com/blog/hyper-i...
Reposted by Josh Aas
Who’s going to @cendemtech.bsky.social’s #TechProm tomorrow? Be sure to connect with Sarah Gran from Let's Encrypt/ISRG. They work to keep hundreds of millions of websites safe, focus on private measurement and memory safety.
November 13, 2024 at 7:59 PM
Who’s going to @cendemtech.bsky.social’s #TechProm tomorrow? Be sure to connect with Sarah Gran from Let's Encrypt/ISRG. They work to keep hundreds of millions of websites safe, focus on private measurement and memory safety.
Reposted by Josh Aas
Let's Encrypt is one of my favorite tech organizations of all time. letsencrypt.org/about
October 26, 2024 at 12:05 AM
Let's Encrypt is one of my favorite tech organizations of all time. letsencrypt.org/about
Memory safe Rustls is now outperforming both OpenSSL and BoringSSL. So proud of what this team is doing. www.memorysafety.org/blog/rustls-...
Rustls Outperforms OpenSSL and BoringSSL
ISRG has been investing heavily in the Rustls TLS library over the past few years. Our goal is to create a library that is both memory safe and a leader in performance.
Back in January of this year we...
www.memorysafety.org
October 22, 2024 at 2:09 PM
Memory safe Rustls is now outperforming both OpenSSL and BoringSSL. So proud of what this team is doing. www.memorysafety.org/blog/rustls-...
Reposted by Josh Aas
After almost 6 years, I revived my blog to publish an overview of all the open source stuff I worked on last month. Updates from rustls, Hickory DNS, rustup, pyrtls, KumoMTA, Quinn, Askama, tokio, and instant-acme.
dirkjan.ochtman.nl/writing/2024...
dirkjan.ochtman.nl/writing/2024...
September on GitHub (2024) – Dirkjan Ochtman
dirkjan.ochtman.nl
October 18, 2024 at 4:07 PM
After almost 6 years, I revived my blog to publish an overview of all the open source stuff I worked on last month. Updates from rustls, Hickory DNS, rustup, pyrtls, KumoMTA, Quinn, Askama, tokio, and instant-acme.
dirkjan.ochtman.nl/writing/2024...
dirkjan.ochtman.nl/writing/2024...