I don’t often venture an opinion here but I would be very much *against* using OpenSSL given the number of vulnerabilities it continues to experience. There’s http://www.mitls.org/wsgi/home which has been formally verified and our own https://hackage.haskell.org/package/tls.

Dominic Steinitz
dominic@steinitz.org
http://idontgetoutmuch.wordpress.com

On 25 Mar 2015, at 09:08, libraries-request@haskell.org wrote:

Also, to this day we don't have any TLS library support in the platform,
which also is subject to debate of which crypto-library to use (and
there's also the question whether to use OpenSSL via FFI or a native TLS
reimpl). So the platform-included `HTTP` package is not even able to
access `https://` URLs which is quite sad, as this also holds back
`cabal-install`'s ability to access `https://`-only repositories.