On 9/2/2010 1:43 PM, Chris Muller wrote:
> Shouldn't we stay with the same naming convention, "Cryptography"?

Fine either way. Though the argument could be made that for 
compatibility it might be useful to leave the current "Cryptography" 
alone and have the new packages use slightly different naming 
conventions, such that:

	Crypto + Certificates = Cryptography.

But like I said I'm good either way.

> What is the plan to deal with the redundant classes, such as
> SecureHashAlgorithm and SHA1?

The goal is to get them out of the System package and into the 
Crypto-Core package to further reduce the size of System.

> If RSA is in Cryptography-Core, shouldn't ElGamal and DiffieHellman
> belong in core as well?

Could do. I'm not the expert here, so I'll let others comment. My main 
dividing line is that the core should contain what is widely used and 
practical (i.e., performs well enough to be used in practice). As a 
consequence, MD5, SHA1, SHA256 are all obvious choices since they're 
both widely used and perform well (with prims at least and we may 
require that), whereas for example MD2, MD4 (outdated) and DiffieHellman 
(WAY too slow) are not. RSA, on the other hand, is somewhere in the 
middle - it performs reasonably well (we use it for key exchange in our 
products) but one could easily argue that it's not a common enough 
feature to be required in Core. Not sure on ElGamal.

But in any case, I think I'll leave this to the experts, which I think 
is you, Rob and Ron :-)

Cheers,
   - Andreas

>
>
> On Sat, Aug 28, 2010 at 6:30 AM, Rob Withers<reefedjib at gmail.com>  wrote:
>>
>>
>> --------------------------------------------------
>> From: "Bert Freudenberg"<bert at freudenbergs.de>
>> Sent: Saturday, August 28, 2010 7:13 AM
>> To: "The general-purpose Squeak developers list"
>> <squeak-dev at lists.squeakfoundation.org>
>> Subject: Re: [Cryptography
>> Team]Re:[squeak-dev]DigitalSignatureAlgorithm>>#initRandomNonInteractivelyisnot
>> random
>>
>>>
>>> On 28.08.2010, at 12:59, Rob Withers wrote:
>>>
>>>>
>>>>
>>>> --------------------------------------------------
>>>> From: "Bert Freudenberg"<bert at freudenbergs.de>
>>>> Sent: Saturday, August 28, 2010 6:42 AM
>>>> To: "The general-purpose Squeak developers list"
>>>> <squeak-dev at lists.squeakfoundation.org>
>>>> Cc: "Squeak Crypto"<cryptography at lists.squeakfoundation.org>
>>>> Subject: Re: [Cryptography Team]
>>>> Re:[squeak-dev]DigitalSignatureAlgorithm>>#initRandomNonInteractivelyis not
>>>> random
>>>>
>>>>> It's best to first publish to the inbox. You do not need special
>>>>> permissions for that. Once we're happy with the packages we move them over
>>>>> to trunk.
>>>>
>>>> Done.   The following packages are in the Inbox:
>>>>
>>>> CryptoCore
>>>> CryptoCoreTests
>>>> CryptoExtras
>>>> CryptoExtrasTests
>>>> CryptoCerts
>>>> CryptoCertsTests
>>>>
>>>> All tests pass, although I have not tried to load just CryptoCore and
>>>> CryptoCoreTests and run its tests.
>>>>
>>>> Rob
>>>
>>> Ah, should have commented on the package names - didn't think you're
>>> *that* fast ;)
>>
>> I did the work last night.
>>
>>>
>>> The convention is to use hyphenation. As Andreas suggested, that would be
>>> "Crypto-Core", "Crypto-Core-Tests" etc.
>>
>> The problem with that approach is the the Test package gets included with
>> the core package.  In the example of "Kernel" and "KernelTests" hyphenation
>> is not used.
>>
>> Rob
>>
>>
>>
>>
>
>