Hello, my new name is "Tongsuo"

Text｜Yang Yang (flower name: Kai Shen)

Founder of Tongsuo Open Source Password Library, Senior Technical Expert of Ant Group

This article is 2816 words, read 8 minutes

Goodbye BabaSSL, hello Tongsuo!

Due to several special reasons in its history, the name BabaSSL seems to be a cryptographic product of the main SSL/TLS protocol, which is actually not in line with the functional characteristics of the entire product, and the name itself is not neutral enough, which will make users feel A certain degree of misunderstanding.
At present, BabaSSL is actively promoting the donation to the Open Atom Open Source Foundation, and considering the future development direction of the community, it is now decided to change the name of the BabaSSL project. The new name needs to be more neutral and reflect the functional nature of the project. Based on these considerations, the new name is planned to be: Tongsuo, which corresponds to the Chinese Pinyin "Tongsuo" of the Latin alphabet name Tongsuo. The bronze lock is a security facility that has been widely used in the 5,000-year history of Chinese civilization. It is small and exquisitely designed, with Chinese traditional characteristics, which is in line with the product characteristics and development goals of the password library.

1. Where did BabaSSL come from and why did it change?

BabaSSL was born within Ant and Ali Group in 2019 and is a variant version based on the fork of OpenSSL 1.1.1. The motivation for creating the BabaSSL project is to obtain a unified OpenSSL variant version within Ant and Alibaba, so that this unified version can be used to support various businesses within Ant and Alibaba. This can reduce the cost of maintaining OpenSSL by various business parties, realize unified management and maintenance of cryptographic capabilities, and reduce potential security risks.

According to the internal business characteristics of Ant and Alibaba, BabaSSL needs to adopt a completely different development path from OpenSSL. In short, the scenarios that BabaSSL needs to cover are very diverse, including mobile, server, and resource-constrained embedded environments. Moreover, in terms of the support of algorithms and cryptographic features, the business of Ant and Alibaba has a great demand for cutting-edge technologies, so BabaSSL is required to adopt a relatively aggressive evolution strategy, but also to ensure high quality standards to cope with Ant and Alibaba business scale. So we used the Brisk and Better Assured Cryptography and SSL/TLS toolkit to name this cryptography basic library and abbreviated it as BabaSSL.

With the development of the BabaSSL project, we found that in addition to Ant and Alibaba's internal businesses relying heavily on it, the industry also has a great demand for national security compliance and cutting-edge cryptography technology. Therefore, in October 2020, we made BabaSSL open source and kept the name of BabaSSL unchanged. With the development of the BabaSSL open source community and the increase in the number of users, we gradually found that the name BabaSSL can no longer continue to shoulder the larger goals and missions of the entire community, so it is necessary to choose a new name.

2. My new name - "Bronze Lock/Tongsuo"

After discussing with friends in the open source community and communicating with the Open Atomic Open Source Foundation, we finally selected "Bongsuo/Tongsuo" as the new name of the BabaSSL open source project, with the following meanings:

1. The design image of the copper lock is similar to the image of the cryptographic lock, both of which are technologies to ensure safety.

2. Copper locks have a long history and are widely used

3. Bronze locks were born in the Han Dynasty of China and were popular in the Ming and Qing Dynasties. They are very Chinese and represent the traditional culture of China.

4. The copper lock has exquisite design, small size and high security

These characteristics of Bronze Lock are in line with BabaSSL's project positioning and development goals: an open source cryptography basic library that adapts to the widest range of scenarios, has the best performance, the highest reliability, and is compliant with regulation. Just as the copper lock is the most basic element that guarantees people's life and property in the long history of China for 5,000 years, the "Bronze Lock Code Library", as the basic component in the field of information security, the core basic element of China's cyberspace security and data security, also hopes to provide Contribute to the information and property security of the Chinese people.

The Latin alphabet name of Tongsuo directly adopts the Chinese Pinyin of Tongsuo: Tongsuo, and no other meanings are given. The purpose is to reflect the brand name and cultural value of China.

3. A series of operations after the name change

We will make the following renaming measures for the BabaSSL open source project in the near future. Some of these measures may affect users, and additional attention should be paid:

"Codebase name change"

1. Create a new Tongsuo organization on Github, rename the BabaSSL code repository to Tongsuo and migrate it under it;

2. The transfer address of the BabaSSL code repository will automatically jump to the new Tongsuo repository address on Github, which is convenient for existing users to access;

3. The master branch of the new Tongsuo code repository is changed to be based on the OpenSSL 3.0 code base, and the whole is migrated to the Apache License 2.0 open source license. The relevant branch changes are made as follows:

a. The existing master branch is renamed master-babassl and set to read-only mode, that is, no new code merges are accepted, and it is only reserved for reference;

b. Rename the master-tongsuo branch to master as the development branch of the next major version tongsuo-8.4.0. Since there is no logical relationship between the new master branch and the old master branch, the user needs to manually check out the new master branch and overwrite the local old master branch. During this process, if there is code modification in your local master branch, please save it to avoid loss of code modification.

"Site Rename"

1. Start the tongsuo.net website and update the website content/brand;

2. Redirect access to the babassl.cn website to tongsuo.net;

3. Added tongsuo.readthedocs.org website as the document library of Tongsuo project.

"Release renaming and version strategy"

1. In version 8.3.x, the name of BabaSSL will be used, that is, subsequent versions such as BabaSSL 8.3.1;

2. Renamed Tongsuo from 8.4.0. Tongsuo continues the version numbering of BabaSSL without redefining the numbering. Mainly to consider the before and after compatibility of software version upgrades and comparisons. The new release package name is: tongsuo-abctar.gz or tongsuo-abczip.

"Code API Naming Modification"

Compatibility issues need to be considered, so APIs starting with BABASSL_ will continue to remain until the 9.0 major release.

4. Looking forward to growing up with you

After a year of hard work, the Tongsuo/Tongsuo open source cryptographic library project passed the TOC defense of the Open Atomic Open Source Foundation. Next, our focus is to continue to promote the research and development of Tongsuo version 8.4.0. This version will provide strong support for related features in the field of semi-homomorphic encryption algorithms and other cutting-edge cryptography fields, bringing users of Tongsuo the advantages of privacy computing. Low-level cryptographic primitive capabilities.

I hope that more friends can participate and work with us to improve Tongsuo/Tongsuo . No matter which research field you are in, we are very much looking forward to and welcome you to join us. In addition, we have recently established the BabaSSL open source project Dingding Group, which is convenient for the users of the BabaSSL password library to communicate and exchange. We look forward to having more community friends grow together in BabaSSL !

Dingding user exchange group number: 44810299

The renaming of BabaSSL involves a lot of changes to existing asset names, such as code base renaming, document content name replacement, etc. For the specific progress and status, we will notify you in the above-mentioned DingTalk group in time.

understand more…

Bronze Lock/Tongsuo Star ✨:
https://github.com/BabaSSL/BabaSSL