> > So my question here is - how important task is switching crypto backends > easily? Moreover, what would be the reason for me, as an app developer, > to target more than one crypto backend? I can see why I may want to > target mysql and say, SQL server - these two platforms have different > advantages, etc. But if OpenSSL works for my app, why would I need to > support any other backend? Do I have a chance of a client saying "oh, we > don't run apps using OpenSSL, only libsodium"? Abstraction is a nice > thing, but in this case I'm not sure about the added value. Of course, > if crypto library goes out of support - like mcrypt - it can be handy, > but given that each library probably will have own peculiarities, I'm > not sure abstraction would allow for clean switch anyway.
Yes, it's important if libraries are abandoned or you want to switch to another backend, because you finally decided you don't want to trust OpenSSL anymore. Regards, Niklas
