Skip to main content

Version: 0.1.3

Security

Reporting vulnerabilities

Please report potential vulnerabilities privately to maintainers.

Do not open public issues for unpatched vulnerabilities.
Include affected crate(s), versions, reproduction details, and impact.
Include proof-of-concept input/trace where possible.

Workspace security scope

noxtls
noxtls-core
noxtls-crypto
noxtls-pem
noxtls-x509
noxtls-io
noxtls-platform

Policy features

Security policy and compatibility controls are implemented as compile-time features in noxtls-core:

policy-strict-constant-time
policy-allow-legacy-algorithms
policy-allow-sha1-signatures

Strict constant-time mode is intentionally incompatible with legacy/sha1 permissive modes.

Reporting vulnerabilities
Workspace security scope
Policy features