Google is funding a project in the Internet Security Research Group to transfer a critical component of the Apache HTTP project web server from the error-prone C programming language to a more secure alternative called Rust.
This module is called mod_ssl and is the module responsible for supporting them cryptographic functions required to establish HTTPS connections to an Apache web server.
ISRG says it plans to develop a new module called mod_tls that will do the same thing but using the Rust programming language instead of C.
The module will be based on Rustls. a Rust open source library developed as alternative solution for the OpenSSL project based on C.
To lead this project, the management of ISRG commissioned Stefan Eissing, the founder of the software consulting firm Greenbytes, and one of the responsible of Apache HTTP Server code, to lead the project mod_tls.
According to W3Techs, the Apache HTTP web server is the leading web server technology that is used today from 34,9% of all websites whose web server technology is known.
Both Google As well as the Microsoft products perform experiments using Rust on both Chrome as well as in Windows. Microsoft has even gone so far as to create a completely new Rust programming language called Verona.
With such statistics from both Google and Microsoft, and with almost two-thirds of all sites now being redirected to HTTPS, transferring the Apache mod_ssl module to Rust is a simple and fast way to ensure that billions of users will maintained safe in the coming years.
Source of information: zdnet.com