[Vm-dev] Cryptography in the main image and Plugins build for theVMs

Rob Withers reefedjib at yahoo.com
Fri Jul 9 02:00:57 UTC 2010


--------------------------------------------------
From: "Steve Wart" <steve at wart.ca>
Sent: Thursday, July 08, 2010 7:50 PM
To: "Squeak Virtual Machine Development Discussion" 
<vm-dev at lists.squeakfoundation.org>
Cc: "Squeak Crypto" <cryptography at lists.squeakfoundation.org>; "Squeak Dev" 
<squeak-dev at lists.squeakfoundation.org>
Subject: Re: [Vm-dev] Cryptography in the main image and Plugins build for 
theVMs

>
> Given that cryptography still faces export restrictions, would this
> cause problems for OSS distributions that want to include Squeak?
>

I am not familiar with which pieces of Cryptography are export restricted 
and which are not.   According to the Java SDK Crypto docs 
(http://download.oracle.com/docs/cd/E17476_01/javase/1.4.2/docs/guide/security/CryptoSpec.html#Architecture) 
DSA, MD5 and SHA-1 are at least distributable.  This obviously reduces the 
attractiveness of including Crypto in the image, were we to have to split 
the package into exportable and non-exportable packages.

> Also I'm not sure that people who want to minimize their image size
> would benefit. Why can't Cryptography be easily loaded by people who
> need it?

People may not know where it resides.  It is not a part of the trunk.  It is 
in a SqueakSource repository.

Thanks,
Rob

>
> Steve
>
> On Thu, Jul 8, 2010 at 2:07 AM, Rob Withers <reefedjib at yahoo.com> wrote:
>>
>> Hi all,
>>
>> I would like to propose that Cryptography be included as part of the 
>> image,
>> by default.  As it stands now it is in the Cryptography repository, which
>> most don't seem to know about or there are one-off copies that are 
>> developed
>> separately.  David Shaffer has been stewarding a reintegration of these
>> forks and ensuring the tests pass.  Everyone should be able to take
>> advantage of the algorithms provided by the Cryptography package.
>>
>> Along the same lines, it would be a great help for the vm providers to
>> include the CryptographyPlugins when they build a new vm.  I believe 
>> there
>> are 3 plugins and they really ought to be build internally, since they 
>> are
>> unchanging.
>>
>> I would like to hear what others think of the possibility of making this
>> change.
>>
>> Thank you,
>> Rob
>>
>>
>> 


More information about the Vm-dev mailing list