Implementing SSL for a limited-resource platform is not an easy task, given that the protocol itself was originally designed for maximum security, not optimal performance; it was likely assumed that SSL implementations would be able to use the relatively vast resources of PCs. However, SSL makes perfect sense for many embedded applications, especially for HTML-based interfaces and remote configuration and monitoring. Despite the large resource requirements of SSL, the protocol’s flexibility provides us with many opportunities for saving memory and CPU time. This paper covers the design decisions faced by an embedded SSL implementor and how those decisions affect resource utilization and adherence to the protocol.