<div><villain type="mustachioed"></div><div><br></div>I think crypto is a strong candidate for "community supported package."<div><br></div><div>I want to say that I think this is incredibly admirable work; the educational value alone cannot be overstated. I've been meaning to look at this stuff, because I think it's endlessly cool, and I pray my next statement will harm none...</div>
<div><br></div><div>I also think that crypto vetted by such a small community is extremely *dangerous*, if just because new users might confuse it with the much more well-vetted platform crypto that most programming systems make use of (I'm ill-educated here, so forgive me if I'm totally ignorant of something critical; I hope that WithPrimitive means "hooks into platform crypto," not "goes faster.")</div>
<div><br></div><div></villain></div><div><br><div class="gmail_quote">On Thu, Aug 26, 2010 at 9:48 PM, Andreas Raab <span dir="ltr"><<a href="mailto:andreas.raab@gmx.de">andreas.raab@gmx.de</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;"><div class="im">On 8/26/2010 4:02 PM, Chris Muller wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
Folding Cryptography into Squeak would probably go against the<br>
political momentum toward smaller, more modular images.<br>
</blockquote>
<br></div>
I'm not entirely sure about this. The problems with the Crypto package as I see it are:<br>
<br>
1) It carries a lot of dead weight. It might be educational to carry an implementation of MD2 but it's also completely *useless*. So my take here would be to have two packages "Crypto-Core" and "Crypto-Extras" and move all of the non-essential stuff to Crypto-Extras.<br>
<br>
2) It has too many variations (all those *WithPrimitive and *NonPrimitive) variants. There's no need to have both; write the primitive variants so that they use non-primitive fallback code or simply require the primitives.<br>
<br>
3) ASN1, X509, PKCS. This is not cryptography, this is certificate handling. It should be in a Certificates package, not Cryptography.<br>
<br>
4) A category per class. Puh-lease...<br>
<br>
If you do all of the above you'll end up with one or two "Crypto-Core" categories containing all of the "essentials" like MD5, Triple DES, DSA, RSA, SHA1, SHA256. That's probably about what you'd want in the base image and I'd be surprised if it's more than 20 classes. I think you could make a *very* reasoned case that this Crypto-Core should be included in the trunk image by default in particular considering that it would remain loadable and simplify the System (and other) packages.<br>
<br>
Then you have Crypt-Extras with the less common stuff, from MD2 to DiffieHelman. On top of which is the Certificate package with ASN1, X509, and PKCS. On top of which is the SSL stuff.<br>
<br>
I think this would be quite a nice structure and I'd be supporting getting a small Crypto-Core package into trunk. Anyone up for it?<br>
<br>
Cheers,<br><font color="#888888">
- Andreas<br>
<br>
</font></blockquote></div><br><br clear="all"><br>-- <br>Casey Ransberger<br>
</div>