Hi Krishna,
If you are still interested in joining the group, I thought I'd remind you to introduce yourself to the team: cryptography@lists.squeakfoundation.org
Thank you for your interest, I'm looking forward to working with you!
Ron Teitelbaum
-----Original Message----- From: Krishna Sankar [mailto:ksankar@doubleclix.net] Sent: Monday, October 09, 2006 4:28 PM To: Ron@USMedRec.com Subject: RE: [Cryptography Team] Welcome New Members and Update
Thanks. Some answers.
What brings you to Smalltalk in general? What is your experience with the language?
<KS> I got introduced to Squeak thru the OLPC effort. Have been thinking about designing a program to introduce Chamber Music to kids. I also have been studying the various aspects of OLPC, mesh networking et al.
I am new to Smalltalk. Have worked on languages from FORTRAN to Pascal to Ada to COBOL to Java. Have been looking for an opportunity to work on Smalltalk (without a goal usually the work would be peripheral)... May be this is one, may be not.
</KS> > What made you want to join the team, what are you looking to > get out of your participation? > <KS> This is an interesting problem - from implementation thru certification - especially in the security domain; experience in open source work, programming (I like to program stuff, sometimes get too much into the .ppt land ;o(), exploring nuances of cryptography, experience in Smalltalk and finally contribution to OLPC. </KS> > Your background in government standards and background in > cryptography would certainly qualify you to organize our > efforts. I look forward to discussing it with you and other > members of the team. Could you give me some more info on you > background? I would be interested in reading your stuff, can > you point me to your work? > <KS> Here is a quick list of security related stuff. Pl let me know if this is enough.
My background is in interpreting and developing software as per government standards like MIL-STD-1521/1520, MIL-STD-490/498/499 and DoD-STD- 2167A/2168. Also was involved reviewing network related documents.
I am the lead author of the Cisco Press WLAN Security book - http://www.ciscopress.com/authors/bio.asp?a=9ed11cfa-9067-4205-8110- 76358f317825&rl=1
When java was new, I had been part of a few Java Books - now they all look very old and trivial ;o( In my book Java 1.2 Class Libraries Unleashed, I had covered the cryptography as well.
I also have been involved with the NIST/Internet2 PKI workshop - http://middleware.internet2.edu/pki04/
I also was part of Web Services standards like SAML et al.
Also have been doing security stuff as a part of my work for sometime.
</KS>
Cheers
<k/> > -----Original Message----- > From: Ron Teitelbaum [mailto:Ron@USMedRec.com] > Sent: Monday, October 09, 2006 11:00 AM > To: 'Krishna Sankar' > Subject: RE: [Cryptography Team] Welcome New Members and Update > > Krishna, > > Thank you for volunteering, I will be very happy to help you > in any way I can. I have some questions for you. > > What brings you to Smalltalk in general? What is your > experience with the language? > > What made you want to join the team, what are you looking to > get out of your participation? > > Your background in government standards and background in > cryptography would certainly qualify you to organize our > efforts. I look forward to discussing it with you and other > members of the team. Could you give me some more info on you > background? I would be interested in reading your stuff, can > you point me to your work? > > As for the slang code in squeak for SHA256: There are already > plug-in written for SHA1, which can serve as a working > prototype of the things that could be done for SHA256. I > wrote the SHA256 Smalltalk code and I used the SHA1 > implementation as a guide. The similarity should definitely > make writing the plug-in much easier. You would need to load > the VMMaker to get the SHA1 code. Are you familiar with the > VMMaker or slang? > > I look forward to working with you! > > Ron > > > > From: Krishna Sankar > > Sent: Monday, October 09, 2006 1:21 PM > > > > Ron, > > > > Thanks for the e-mail. Even though this is a personal > e-mail to you, > > I will send an intro to the list. > > > > I would be happy to work on the Cryptography Security > Validation > > effort. While I do not have background on Common Criteria, > I am well > > versed with most of the cryptography aspects (I also have > written on > > WLAN security as well as Java Security plus have been involved with > > PKI NIST workshop et al) I also have background on Govt standards. > > Would this be sufficient to participate, may be even as a sub-lead ? > > > > May be it is a good idea to start with the SHA256 > plug-in. Would > > appreciate your thoughts on the efforts and guidance, as this is my > > first foray into Squeak. > > > > Cheers > > <k/> > > > -----Original Message----- > > > From: cryptography-bounces@lists.squeakfoundation.org > > > [mailto:cryptography-bounces@lists.squeakfoundation.org] > On Behalf > > > Of Ron Teitelbaum > > > Sent: Monday, October 09, 2006 9:26 AM > > > To: 'Cryptography Team Development List' > > > Subject: [Cryptography Team] Welcome New Members and Update > > > > > > All, > > > > > > We have a few new members. I would like to welcome you > to the list > > > and invite you to introduce yourselves to the list if you feel so > > > inclined and please let us know what your interests in > cryptography > > > are, and what you hope to get from this group. > > > > > > We have discussed previously that we might want to build > Slang plug > > > in representations of some of our cryptographic primitives to > > > improve performance. There appears to be support for including > > > those primitives internally in the base VM for the different > > > platforms, I would like to take advantage of this > opportunity. If > > > anyone has a plug in they would like to have included in the VM > > > maker and then in new VM Builds please submit it to this list for > > > review. (Rob could you enter a mantis bug requesting that we > > > include the DES plug in with future builds of VM’s?). We > need the > > > SHA256 plug in written (I have not had time to do it ☹, > but I will > > > get to it if nobody volunteers). Are there suggestions for other > > > plug ins that need to be written? > > > > > > Also I would like us to consider looking at the fips > common criteria > > > http://niap.bahialab.com/cc-scheme/cc_docs/index.cfm > > > . My feeling is that more testing can not be bad for our > > > cryptography code, and that the more we can accomplish in > this area > > > the closer we are to considering getting certified ourselves. It > > > does not make sense to hire a lab until we are satisfied > internally > > > that we will pass. > > > > > > Because this is a large process it would be easy to consider this > > > too difficult a task to complete. The major reason to > discount this > > > problem is that we have no deadline. This means that with proper > > > organization anyone with some spare time can contribute > and move us > > > forward. What we need is someone to help provide this > organization. > > > That person needs to be very familiar with the common criteria, > > > should have considerable experience in the cryptography field and > > > should have good organization skills. The job is not complicated > > > and I don’t expect that it should take much time (about 1 hour a > > > month after initial startup). That person would be > responsible for > > > developing a short list of tasks that need to be > accomplished, would > > > work to help find people to validate work that is already > completed, > > > and would tell the community when the work is done. I > would suggest > > > that this person would carry the official title of Squeak > > > Cryptography Security Validation Officer. > > > > > > Anyone want to volunteer? Anyone have suggestions on how > to elect > > > that person if we get volunteers? > > > > > > Along with providing a direction for the group we need > some people > > > with any time to spare to volunteer to work with that > leader and the > > > rest of the team to add the tests and code necessary to meet the > > > requirements of the common criteria. > > > This type of work is really a wonderful chance to learn > > > Cryptography. It allows you to learn about areas that > you might not > > > be familiar with, not to mention being a very valuable > way for you > > > to contribute to this team. > > > > > > Again welcome new members, > > > > > > Ron Teitelbaum > > > Squeak Cryptography Team Leader > > > Ron@USMedRec.com > > > > > > _______________________________________________ > > > Cryptography mailing list > > > Cryptography@lists.squeakfoundation.org > > > http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/cry > > ptography > > > > > > > >
cryptography@lists.squeakfoundation.org