Currently, we use the boring library crate. This is to support the ability to use FIPS compliant crypto. This comes at the cost of simplicity and ecosystem compatibility, where rustls is king (and, I believe, there are massive performance differences in our use case; likely some could be improved with boring, but may be a wasted effort if we do this issue).
Some background: TLS does a lot of things outside of just raw crypto operations. Only the crypto operations are relevant for compliance.
Historically, rustls uses ring for crypto, which is not certified. However, recently it has added a pluggable mechanism allowing alternative crypto backends. There is also ongoing work to make ring itself have a FIPS mode.
We should look into migrating to Rustls. A pre-requisite to this should be the presence of a (high quality) provider to alternative crypto backends. Plausibly we could offer alternative backends users could build, but as a baseline I would expect a boringssl backend, probably as the default to match with current state and Envoy.
Relevant links:
CryptoProvider
rustls/rustls#1540