Playing with kernel TLS in Linux 4.13 and Go

Filippo Valsorda · Sept. 6, 2017, 8:07 p.m.
Linux 4.13 introduces support for nothing less than... TLS! The 1600 LoC patch allows userspace to pass the kernel the encryption keys for an established connection, making encryption happen transparently inside the kernel. The only ciphersuite supported is AES-128-GCM as per RFC 5288, meaning it only supports TLS version...