Stef, I thought so too until a while ago, but it appears to be long gone. I would enjoy being shown otherwise. However, I still think there is good reason to expose and promote both curl and OpenSSL because they will draw "customers."
Bill -----Original Message----- From: pharo-project-boun...@lists.gforge.inria.fr [mailto:pharo-project-boun...@lists.gforge.inria.fr] On Behalf Of Stéphane Ducasse Sent: Friday, May 22, 2009 5:08 AM To: Pharo-project@lists.gforge.inria.fr Subject: Re: [Pharo-project] Port of Cryptography to Pharo Ok I thought the cryptology package was working well and maintained. Stef On May 22, 2009, at 11:58 AM, Schwab,Wilhelm K wrote: > Agreed: I mentioned both curl and OpenSSL - we should embrace both. > AFACT, the cryptography package is a thing of the past, and we should > look to active projects. Tell me where I'm wrong, please. > > Another reality, fair or not: if we were to take on the enormous > burden of maintaining the cypto package, there would always be > questions about security holes we left open. The same will be true of > OpenSSL, but there is (not always fair) credibility in numbers widely > known projects. There will be would-be users of Pharo who will want > OpenSSL for its reputation, and who would question a home- grown > solution. > > Bill > > > From: pharo-project-boun...@lists.gforge.inria.fr > [mailto:pharo-project-boun...@lists.gforge.inria.fr > ] On Behalf Of Fernando olivero > Sent: Friday, May 22, 2009 4:20 AM > To: Pharo-project@lists.gforge.inria.fr > Subject: Re: [Pharo-project] Port of Cryptography to Pharo > > > Just a comment, > > you could use the new AlienFFI framework to comunicate with curl. > Or reify any C library you want in Pharo. > > Fernando > > > On May 22, 2009, at 5:04 AM, Schwab,Wilhelm K wrote: > >> The most recent post on the crytography mailing list starts out as >> follows: >> >> Since the Cryptography Team doesn't exists anymore, the Cryptography >> package is not maintained by anyone. The SSL implementation doesn't >> allow easy debugging, you can't just turn on logging to see what's >> happening. Following the state machine transitions should give you >> the answer why the handshake isn't succeding. It might be related to >> certificates or TLS->SSL3 fallback. If I were you, I would go with >> curl. >> I think it is time to write a wrapper around open SSL in addition to >> looking at the curl plugin. Trying to write cryptography code from >> scratch and get and keep it right is a huge effort, and pretty >> avoidable, and IMHO, better avoided by letting others do the job. >> Ever read Sun Tzu? >> >> Bill >> >> >> >> From: pharo-project-boun...@lists.gforge.inria.fr >> [mailto:pharo-project-boun...@lists.gforge.inria.fr >> ] On Behalf Of Mariano Martinez Peck >> Sent: Thursday, May 21, 2009 8:51 PM >> To: Pharo Development >> Subject: [Pharo-project] Port of Cryptography to Pharo >> >> I don't know if there is anyone of the developers of the package >> Cryptography but is someone is willing to do the port of it to Pharo? >> Most tests are break and it seems not to work because lots of >> Cryptography methods where in classes like SmallInteger and these >> methods were removed in Pharo. >> >> Regards, >> >> Mariano >> <ATT00001.txt> > > _______________________________________________ > Pharo-project mailing list > Pharo-project@lists.gforge.inria.fr > http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project _______________________________________________ Pharo-project mailing list Pharo-project@lists.gforge.inria.fr http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project _______________________________________________ Pharo-project mailing list Pharo-project@lists.gforge.inria.fr http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project
