Hi all,
[ Context: https://developer.trustedfirmware.org/w/mbed-tls/tech-plans-3.0/ ]
Currently the SSL/TLS library includes a module called net_sockets.c (formerly net.c), enabled by default in config.h (but disabled by config.py baremetal), that contains some networking functions based on POSIX or Windows sockets, including functions suitable for use as I/O callbacks with our SSL/TLS modules.
Those functions are used only in example/testing programs, but nowhere in the library itself.
In Mbed TLS 3.0, as part of our effort to clean up and minimize our API, we're considering removing (parts of) this module from the library, and moving its parts to a variety of other places, such as example programs (or a library/file shared by them, like the current query_config mechanism).
Reasons for removing this module from the library include:
- overall the module is less portable and perhaps of lesser quality than the rest of the library
- it's currently entirely untested on Windows (despite being very platform-specific)
- there is often confusion about whether the module is meant to be a general-purpose networking library, or just provide basic support for our examples and tests, as well as simple prototypes
- it's not our core area of expertise, let's do one thing and do it well
Reasons for keeping (parts of) it in the library include:
- having mbedtls_net_recv{,_timeout}() and mbedtls_net_send() available right in the library makes it easier to test and develop prototypes
- this module is listed as a component in our high-level design document [2], so perhaps removing it from the library can be seen as a bigger change?
[2]: https://tls.mbed.org/high-level-design
What do you think? Should we remove the entire module from the library, keep it all, or just keep some parts? In that case, which parts and where?
Regards, Manuel.
mbed-tls@lists.trustedfirmware.org