Know your SCM_RIGHTS

In 2018, Vlad Krasnov discussed how Cloudflare implemented TLS 1.3 on top of the Go TLS library and made a Go replica of nginx-ssl (go-ssl). The challenge was to make two different processes written in two different programming languages share the same TCP socket. They used Linux's SCM_RIGHTS feature, which allows passing file descriptors between applications using UNIX-domain sockets. This method enabled Cloudflare to implement TLS 1.3 without affecting customers or clients who did not enable it and allowed for quick iteration and frequent releases.