At https://github.com/boostorg/asio/pull/283 https://github.com/boostorg/asio/pull/283 I’ve attached a proof-of-concept which explores making ASIO secure by default. The C++ committee is discussing what secure-by-default networking would look like in the soon to be published papers P1860 and P1861. Since the C++ Networking TS is based on ASIO, this seems like a good place to try things out. The implementation uses BoringSSL for its crypto and Security.framework to evaluate certificates against the root certificates trusted by the system. I've implemented enough to see what the API shape would need to be, and it works with basic client and server programs. I’d love to get your feedback on this initial work, including any implementation concerns you have and suggestions on portability. I don’t think the patch is ready to commit as-is.