Re: Choosing an implementation language

2003-10-20 Thread Gary Ellison 
> " " == Eric Rescorla <[EMAIL PROTECTED]> writes:

 > Tyler Close <[EMAIL PROTECTED]> writes:
>> On Thursday 02 October 2003 09:21, Jill Ramonsky wrote:
>> > I was thinking of doing a C++ implentation with classes and
>> > templates and stuff.  (By contrast OpenSSL is a C
>> > implementation). Anyone got any thoughts on that?
>> 
>> Given the nature of recent, and past, bugs discovered in the
>> OpenSSL implementation, it makes more sense to implement in a
>> memory-safe language, such as python, java or squeak. Using a VM
>> hosted language will limit the pool of possible users, but might
>> create a more loyal user base.

 > There's already a Java SSL with a simple API:
 > http://www.rtfm.com/puretls/

There is also a standardized and widely distributed implementation and
API. JSSE is bundled with J2SE as of v 1.4:
http://java.sun.com/products/jsse/

--
mailto:[EMAIL PROTECTED]
   "Knowledge speaks, but wisdom listens." -- Jimi Hendrix

-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Re: WYTM?

2003-10-20 Thread Peter Gutmann 
Thor Lancelot Simon <[EMAIL PROTECTED]> writes:

>I believe the VanDyke implementation also supports X.509, and interoperates
>with the ssh.com code.  It was also my perception that, at the time, the
>VanDyke guy was basically shouted down when trying to discuss the utility of
>X.509 for this purpose and put his marbles back in his cloth sack and went
>home.

Are there any known servers online that offer X.509 (or PGP) mechanisms in
their handshake?  Both ssh.com and VanDyke are commercial offerings so it's
not possible to look at the source code to see what they do, and I'm not sure
that I want to run the gauntlet of getting some sample copy of a commercial
app (if they're available) and figuring out how to set it up to work with
certs just to see what the data format is supposed to be...

Peter.

-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]