[Cryptography Team] OpenSSL, Stunnel

Johnathon Meichtry johnathon-dev at meichtry.org
Thu Jul 13 09:19:48 UTC 2006 

Squeak-Crypto-Gods,

I am dying (begging/praying/pleading) for a complete native Squeak 
implementation of OpenSSL and OpenSSH.  They will soon be needed for the 
SqueakNOS project where we don't have access to the services of an 
underlying OS.  Of course SqueakNOS will be fine without it but a whole 
bunch of new opportunities open up with that functionality in place.

I also agree with Franks comments that advisories are now few and far 
between but of course I am saying that as someone who doesn't have the 
skills to either create the port or maintain the code so it's rather too 
easy for me to say ;)

Johnathon


----- Original Message ----- 
From: "Frank Shearar" <frank.shearar at angband.za.org>
To: "Cryptography Team Development List" 
<cryptography at lists.squeakfoundation.org>
Sent: Thursday, July 13, 2006 8:42 AM
Subject: Re: [Cryptography Team] OpenSSL, Stunnel


> "Ron Teitelbaum" <Ron at USMedRec.com> wrote:
>
>> Does anyone have any thoughts about the benefits and drawbacks of having
> the
>> cryptographic code be an external black box?  Are there greater benefits
> to
>> our having implemented our own code, for education and flexibility .  ?
>> Personally I would prefer having the code be in squeak, but I thought the
>> question worth asking.  Should we do both?
>
> A quibble: stunnel _uses_ OpenSSL, so stunnel doesn't provide us with
> anything more as far as crypto's concerned (at least, AFAIK). OpenSSH, on
> the other hand, is quite another story. And I'd love to see those services
> available in Squeak!
>
> I think we should do both: a plugin wrapper allows us to provide strong
> crypto relatively quickly. Then for True Fans, we can write Smalltalk-only
> code and then either slowly phase out the plugins function by function, or
> simply allow people to choose. Oh, and having plugins will provide us with
> handy in-Squeak reference implementations.
>
> My main worry with implementing our code is simply that OpenSSL and 
> OpenSSH
> have been beaten upon for a long time; while we do see advisories coming 
> out
> for them, they're few and far between.
>
> frank
>
> _______________________________________________
> Cryptography mailing list
> Cryptography at lists.squeakfoundation.org
> http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/cryptography
>

More information about the Cryptography mailing list