I've realized that the Fedora defensive guide  is the only guide we
have to introduce the C TLS and crypto libraries we have, as well as
provide a defensive style in using them. However, it is quite out-
dated, and misses information which may be standard requirement in the
future (e.g., support for HSMs). For that, I've taken the liberty to
update the text on crypto libraries, as well as the TLS libraries,
i.e., gnutls, Bob Relyea reviewed text on NSS, and we added a section
on using Hardware Security Modules with openssl, gnutls and NSS.
The existing updates are in:
However, what is missing now, is updating the code samples for openssl with code that is
safe to use with both 1.1.0 and 1.0.0, review the section on HSMs+openssl, and add a
section on setting up a server with openssl. Anyone who knows openssl well enough to
volunteer for any of the tasks above?