[Cryptography Team] RE: [squeak-dev] Re: Cryptography
Ron Teitelbaum
Ron at USMedRec.com
Thu Jul 1 23:37:31 UTC 2010
Hello,
Here I am. Very nice to see some movement on cryptography. Let me know if
there is something I can do to help.
Rob it is very nice to hear from you. I hope you are doing well. Please
feel free to run with the Cryptography Team if you have time. I'll try to
pay a bit more attention.
All the best,
Ron Teitelbaum
> -----Original Message-----
> From: Rob Withers [mailto:reefedjib at yahoo.com]
> Sent: Wednesday, June 30, 2010 2:10 PM
> To: The general-purpose Squeak developers list; Ron Teitelbaum; Squeak
> Cryptography
> Subject: Re: [squeak-dev] Re: Cryptography
>
> --------------------------------------------------
> From: "C. David Shaffer" <cdshaffer at acm.org>
> Sent: Wednesday, June 30, 2010 12:11 PM
> To: "The general-purpose Squeak developers list"
> <squeak-dev at lists.squeakfoundation.org>; "Ron Teitelbaum"
> <Ron at USMedRec.com>; "Squeak Cryptography"
> <cryptography at lists.squeakfoundation.org>
> Subject: [squeak-dev] Re: Cryptography
>
> > On 06/29/10 22:36, Rob Withers wrote:
> >> Hi David,
> >>
> >> I am CCing the squeak-dev list.
> >>
> >> I had tried to contact Ron over the weekend, since he is the admin for
> >> the SqueakSource Cryptography package. I needed to add you as a
> >> member of the Crypto team. That's right, you are a member now. I
> >> didn't hear from him so the email address may be bad. We'll see if
> >> we hear from him in the future. I hope so.
> >>
> >> Do you have the link to the Crypto mailing list?
> > Yes, do we move this discussion there?
>
> We can discuss in one or both. Your choice. I think the most visibility
> will be from discussing it on squeak-dev.
>
> >
> >>
> >> I agree we should do this in public. I would suggest the squeak-dev
> >> list.
> >>
> >> We may have several "forks" and/or subsequent work done from the root
> >> package.
> >>
> >> The root package for SSL is in the Monticello repository
> >> http://www.squeaksource.com/Cryptography, but it may not be the
> >> latest. I think that the SSL package there is the latest...Whoa! I
> >> just checked again and new SSL packages were inserted 2 days ago. The
> >> latest there used to be SSL-rww.4.mcz and now there is a SSL-
> jrd.12.mcz.
> >
> > Yes, I copied the mods from the croquet-source repo. SSL was easy as
> > there were no forks. jrd.12 is the version I am using and it is working
> > pretty well. I did have some intermittent failures when I was first
> > moving to Squeak4.1 but those might have been due to errant versions of
> > the Cryptography package. I will do a fresh build and verify this
> > version.
> >
>
> Ah, excellent. I also have SSL-jrd.12.mcz loaded.
>
> I have one class in SSL that I use in SqueakElib. When I load both, it
> rips
> it from one location and places it in another (different categories).
> Stéphane Ducasse has pointed me to metacello
> (http://gemstonesoup.wordpress.com/2009/08/25/metacello-package-
> management-for-monticello/),
> which is a package management system. It allows one to load dependent
> packages. You might want to look into it.
>
> >>
> >> The root package for Cryptography is in the same repository, but it is
> >> less clear which is the latest and greatest. There is a mixture of
> >> version numbers. I am using Cryptography-cmm.13.mcz. All tests pass
> >> except for a Rindael test and an X509 test (due to bad validity dates).
> >>
> >> I know there is packages in
> >> http://croquet-src-01.oit.duke.edu:8886/Contributions. SSL look like
> >> the ones now in the Cryptography repository above. The Cryptography
> >> packages in Contributions look like they are also in the Cryptography
> >> repository, but mixed up with other work. In Contributions, there is
> >> the sequence of packages:
> >>
> >> Cryptography-RJT.10.mcz (the root package)
> >> Cryptography-jrd.11.mcz
> >> Cryptography-jrd.12.mcz
> >> Cryptography-mtf.13.mcz
> >>
> >> These are interwoven with other packages in the Cryptography
> >> repository, with the same version numbers.
> >
> > Right, there are several forks to be reconciled. FWIW I am running
> > mtf.13 as none of the versions from the original Cryptography repo had
> > ASN.1 support needed to do SSL (SSL30 or TLS10/11). Unfortunately this
> > version fails CryptoX509Test>>testSignatureValidation (as well as the
> > Rindael test you mentioned). I am hoping the harvesting from the other
> > forks will take care of this.
>
> I need to fix the X509 error.
>
> >
> > At this point all of the croquet-source versions are in their rightful
> > place in the Cryptography project on SqueakSource. The SqueakSource
> > project contains no license information. It would be a very good idea
> > to assign a license so that all contributions to this repo are
> > automatically assigned that license. I think Ron needs to guide this
> > process as this is his baby. At the very least Ron and all other
> > contributors need to be asked to accept whatever license is selected or
> > we will have to re-write those portions. I am happy to try to track
> > everyone down but not without making sure Ron is receptive to this.
> >
>
> It was understood that we were doing work under the MIT license. It was
> open development for anyone's use. I set the license in the Cryptography
> repo.
>
> Rob
>
> > David
> >
> >
More information about the Cryptography
mailing list