On Mon, 8 Aug 2016 13:13:06 +0200 Alessandro Budroni <[email protected]> wrote:
> To whom I may concern, > > I’m a developer who should take care of this repository > https://github.com/apache/incubator-milagro-tls > <https://github.com/apache/incubator-milagro-tls>. > > Milagro-TLS is a project consisting in expanding the existing library > https://github.com/ARMmbed/mbedtls > <https://github.com/ARMmbed/mbedtls> in order to support two new > pairing-based key-exchange algorithm as explained here > https://datatracker.ietf.org/doc/draft-budronimccusker-milagrotls/ > <https://datatracker.ietf.org/doc/draft-budronimccusker-milagrotls/>. > > From my point of view, instead of having an own repository as it is > now, it would be better to have a fork to ARMmbed/mbedtls, so that it > would be easier to maintain and it will allow us to make a pull > request when the right time will come. Are you saying the milagro-tls library is a fork of mbedtls with relatively little change? A quick look at mbedtls tells me it has what looks like a healthy community quite separate from milagro. Are you active in, or at least known within, that community? If you're saying what I think you are, it might make more sense for you and anyone else concerned with the library to work with them there, to contribute and maintain whatever enhancements are needed by Milagro. The TLS lib then becomes a prerequisite rather than a component of Milagro. Otherwise you'd presumably need to sync regularly, and it'll make the job harder if you're not working with them. Unless milagro's needs could be implemented in a modular fashion to complement rather than replace mbedtls? If that works then it matters much less how to proceed. > It would be possible to achieve this? The first question has to be, what exactly are we trying to achieve in having a separate library in the first place? Then we move on to the question of how best to make it work. -- Nick Kew
