[Cryptography Team] RE: [squeak-dev] Re: Cryptography

Ron Teitelbaum Ron at USMedRec.com
Thu Jul 1 23:37:31 UTC 2010 

Hello,

Here I am.  Very nice to see some movement on cryptography.  Let me know if
there is something I can do to help.

Rob it is very nice to hear from you.  I hope you are doing well.  Please
feel free to run with the Cryptography Team if you have time.  I'll try to
pay a bit more attention.

All the best,

Ron Teitelbaum 
 

> -----Original Message-----
> From: Rob Withers [mailto:reefedjib at yahoo.com]
> Sent: Wednesday, June 30, 2010 2:10 PM
> To: The general-purpose Squeak developers list; Ron Teitelbaum; Squeak
> Cryptography
> Subject: Re: [squeak-dev] Re: Cryptography
> 
> --------------------------------------------------
> From: "C. David Shaffer" <cdshaffer at acm.org>
> Sent: Wednesday, June 30, 2010 12:11 PM
> To: "The general-purpose Squeak developers list"
> <squeak-dev at lists.squeakfoundation.org>; "Ron Teitelbaum"
> <Ron at USMedRec.com>; "Squeak Cryptography"
> <cryptography at lists.squeakfoundation.org>
> Subject: [squeak-dev] Re: Cryptography
> 
> > On 06/29/10 22:36, Rob Withers wrote:
> >> Hi David,
> >>
> >> I am CCing the squeak-dev list.
> >>
> >> I had tried to contact Ron over the weekend, since he is the admin for
> >> the SqueakSource Cryptography package.  I needed to add you as a
> >> member of the Crypto team.   That's right, you are a member now.  I
> >> didn't hear from him so the email address may be bad.   We'll see if
> >> we hear from him in the future.  I hope so.
> >>
> >> Do you have the link to the Crypto mailing list?
> > Yes, do we move this discussion there?
> 
> We can discuss in one or both.  Your choice.  I think the most visibility
> will be from discussing it on squeak-dev.
> 
> >
> >>
> >> I agree we should do this in public.  I would suggest the squeak-dev
> >> list.
> >>
> >> We may have several "forks" and/or subsequent work done from the root
> >> package.
> >>
> >> The root package for SSL is in the Monticello repository
> >> http://www.squeaksource.com/Cryptography, but it may not be the
> >> latest.  I think that the SSL package there is the latest...Whoa!  I
> >> just checked again and new SSL packages were inserted 2 days ago.  The
> >> latest there used to be SSL-rww.4.mcz and now there is a SSL-
> jrd.12.mcz.
> >
> > Yes, I copied the mods from the croquet-source repo.  SSL was easy as
> > there were no forks.  jrd.12 is the version I am using and it is working
> > pretty well.  I did have some intermittent failures when I was first
> > moving to Squeak4.1 but those might have been due to errant versions of
> > the Cryptography package.  I will do a fresh build and verify this
> > version.
> >
> 
> Ah, excellent.  I also have SSL-jrd.12.mcz loaded.
> 
> I have one class in SSL that I use in SqueakElib.  When I load both, it
> rips
> it from one location and places it in another (different categories).
> Stéphane Ducasse has pointed me to metacello
> (http://gemstonesoup.wordpress.com/2009/08/25/metacello-package-
> management-for-monticello/),
> which is a package management system.  It allows one to load dependent
> packages.   You might want to look into it.
> 
> >>
> >> The root package for Cryptography is in the same repository, but it is
> >> less clear which is the latest and greatest.  There is a mixture of
> >> version numbers.  I am using Cryptography-cmm.13.mcz.   All tests pass
> >> except for a Rindael test and an X509 test (due to bad validity dates).
> >>
> >> I know there is packages in
> >> http://croquet-src-01.oit.duke.edu:8886/Contributions.   SSL look like
> >> the ones now in the Cryptography repository above.   The Cryptography
> >> packages in Contributions look like they are also in the Cryptography
> >> repository, but mixed up with other work.  In Contributions, there is
> >> the sequence of packages:
> >>
> >> Cryptography-RJT.10.mcz (the root package)
> >> Cryptography-jrd.11.mcz
> >> Cryptography-jrd.12.mcz
> >> Cryptography-mtf.13.mcz
> >>
> >> These are interwoven with other packages in the Cryptography
> >> repository, with the same version numbers.
> >
> > Right, there are several forks to be reconciled.  FWIW I am running
> > mtf.13 as none of the versions from the original Cryptography repo had
> > ASN.1 support needed to do SSL (SSL30 or TLS10/11).  Unfortunately this
> > version fails CryptoX509Test>>testSignatureValidation (as well as the
> > Rindael test you mentioned).  I am hoping the harvesting from the other
> > forks will take care of this.
> 
> I need to fix the X509 error.
> 
> >
> > At this point all of the croquet-source versions are in their rightful
> > place in the Cryptography project on SqueakSource.  The SqueakSource
> > project contains no license information.  It would be a very good idea
> > to assign a license so that all contributions to this repo are
> > automatically assigned that license.  I think Ron needs to guide this
> > process as this is his baby.  At the very least Ron and all other
> > contributors need to be asked to accept whatever license is selected or
> > we will have to re-write those portions.  I am happy to try to track
> > everyone down but not without making sure Ron is receptive to this.
> >
> 
> It was understood that we were doing work under the MIT license.  It was
> open development for anyone's use.  I set the license in the Cryptography
> repo.
> 
> Rob
> 
> > David
> >
> >

More information about the Cryptography mailing list