One of the really useful things is that there is now a (peer-reviewed) paper on the work, which covers much more detail about the motivation, as well as performance results ("same handshake performance as OpenSSL and 73% – 84% for bulk throughput").

https://nqsb.io/nqsbtls-usenix-security15.pdf

404 at the moment, and not in Wayback. Google Cache finds it at:

http://webcache.googleusercontent.com/search?q=cache:https%3...

in turn listing the source as:

http://www.cl.cam.ac.uk/~pes20/nqsbtls-usenix-security15.pdf

You're getting a 404 from nqsb.io? This: https://nqsb.io/nqsbtls-usenix-security15.pdf works fine for me. What browser/cache setup do you have? Does a `curl` work?

I left another copy of the paper on my homepage at http://anil.recoil.org/papers/2015-usenixsec-nqsb.pdf, but Peter's version or the USENIX site should be fine as well.

Sorry for my delay responding; HN Notify just, very belatedly (10 days later), spit out a notification of your reply.

In case the information is of any value, this much later, the first link (at nqsb.io) works for me, now. (So does the second link.)

some might have heard of this TLS stack as OCaml-TLS, but we rebranded it for our Usenix security paper. The paper includes an evaluation of common vulnerabilities in widely used TLS stacks in 2014.

Is the rebranding just for the paper or you plan on keeping it? Or is it because you plan on making this available to non-OCaml applications as well (I think it was mentioned previously on HN that ctypes/cstubs could be used in reverse mode for this)?

Definitely working on making it available to non-OCaml applications as well. The most obvious way is by using 'tlstunnel' to act as a TLS terminator to TCP, but also via inverted Ctypes to ship a shared library and C header files. More on that when it's working...