Supporting OpenSSL Providers from a Fork (S13a)
The two major public forks of OpenSSL, BoringSSL from Google and LibreSSL from OpenBSD, do not support the OpenSSL 3.0 “cryptographic provider” API. Many disagree with this approach, advocating for a new fork, QuicTLS, which aims to replace it with native C datatypes while preserving the parameter approach for compatibility with the OpenSSL validated FIPS provider. The primary impetus for the fork was OpenSSL’s development of its own QUIC implementation, which raised concerns about maintaining compatibility with basic cryptography and IETF specifications.