[Cryptography Team] RFC: Consolidating the Cryptography library
fora general release
Ron Teitelbaum
Ron at USMedRec.com
Sat Apr 21 02:53:07 UTC 2007
Hi Rob,
Very cool about the SMIME work I'm looking forward to working with it.
There is some working and useful code in MSCerts and I need to review TLS
for any dependencies. Also the work that I started which integrates SSL
with Kom is there, I think in the tls package, so as long as we don't delete
them I'm ok with renaming them. Were you planning on moving SSL and SMIME
into another repository or just renaming them within the Cryptography
repository?
We originally separated them out so that someone could select which
components they needed. I agree with you that this introduced some load
dependencies. Also the size of the classes themselves is not large enough
to really warrant their own packages. We probably introduced more problems
and confusion then we solved. So I agree with your suggestion and would
support having one cryptography package with all the component algorithms,
and then separate packages for applications. I should also move my
KeyHolder and my PasswordSaltAndStretch somewhere. I'm not sure they are
components but they are not really applications either. Suggestions?
Ron
> -----Original Message-----
> From: Robert Withers
>
> This is a request for comment on consolidating the Cryptography
> library for a general release. What I mean by that is consolidating
> to a single Monticello package, that would allow users to one-click
> load the basic library. Currently there is an implicit load order
> which most users don't know. We still don't have Configuration
> support so that isn't a solution right now.
>
> If this idea is supported, I suggest we look at all the packages and
> decide which are "in", then generate the Cryptography package with
> these packages loaded.
>
> Those packages that are not included, like Cryptography-SMIME for
> instance, should really be renamed to not have the Cryptography-
> prefix. The old versions can be deleted to keep things clean.
>
> Those packages that are selected, and are determined to be complete,
> could be deleted as independent packages and we would just rely on
> them being in the consolidated package and develop there when
> needed. After this first step is completed, we could reassign the
> classes to a more compact categorization.
>
> Below is a list of the packages. Please vote and if your vote is
> yes, what are your package recommendations as described below.
>
> Rob
>
> Packages:
> Those with a '*' in front are my suggestions as to which is to be
> included in Cryptography. Those with a '!' in front are my
> suggestions as to which should be renamed away from Cryptography-.
> Those with a '+++' are candidates for deletion, since they have been
> superseded.
>
> * Cryptography-ARC2
> * Cryptography-ASN1
> * Cryptography-Core
> * Cryptography-DES
> * Cryptography-DSA
> * Cryptography-ElGamal
> * Cryptography-MD4
> * Cryptography-MD5
> * Cryptography-PKCS12
> * Cryptography-RC4
> * Cryptography-RSA
> * Cryptography-RandomAndPrime
> * Cryptography-Rijndael
> * Cryptography-SHA1
> * Cryptography-SHA256
> ! Cryptography-SMIME
> ! Cryptography-SSL
> * Cryptography-Tests
> * Cryptography-X509
> +++Fortuna (this exists in RandomAndPrime)
> ! Cryptography-MSCerts
> +++Cryptography-TLS (this is superseded by SSL)
> OpenPGP
>
> _______________________________________________
> Cryptography mailing list
> Cryptography at lists.squeakfoundation.org
> http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/cryptography
More information about the Cryptography
mailing list