Ken, I tried to upload the cs from Rob to the wiki site, this is a temp working package until we get a repository going. Can you give me upload rights to the wiki?
Rob, Thanks for the suggestions. Yes we plan to have a Monticello repository once we get the go ahead for the team. There is already an external package, although as you mentioned we need to covert it. I agree with your suggestion to have a cryptography package (Squeak Map), a cryptography base in the image (removing duplication in package), and a cryptography protocols package. We are still limited to formalities of starting the team.
I started a notes page on the wiki page http://minnow.cc.gatech.edu/squeak/cryptography and added your instructions there. I attached the cs here until we can get it on to the wiki, or into the repository.
Ron
_____
From: cryptography-bounces@lists.squeakfoundation.org [mailto:cryptography-bounces@lists.squeakfoundation.org] On Behalf Of Rob Withers Sent: Thursday, October 20, 2005 2:06 PM To: Cryptography Team Development List Subject: Re: [Cryptography Team] Welcome again to the Cryptography Team
Regarding Squeak's support for ASN1 DER, if you load the crypto package and then you can
1) browse implementers of #encodeAsnDer for the marshalling side and browse ASN1Value class>>#fromAsnDer: for the unmarshalling side. I used OrderedCollection to represent the SEQUENCE Der object.
2) Take a look at the ASN1TestCase for tests of Null, Integer, Sequence and BitString.
There is also an implementation of DSAPublicKey>>encodeAsnDer which attaches the subOid for just the Public Subject Key structure out of x509. I use this to exchange the public key for Diffie Hellman in the SqueakElib implementation. This is where things fall of the cliff, since I didn't define any other x509 ASN1 structures, for instance a DSA Certificate, which is a superset structure which includes the DSA Public Subject Key structure. Since SqueakElib (Elib) does not use third party Certificate Servers, I don't need the full blown Certificate structure, but this is what I think of when I read you to say we need to look at the ASN1 implementation and support x509.
Regarding the packaging: I am also confused why we have multiple implementations. I like having an external base crypto module, repackaged as a Monticello package, and remove any in-base-image pieces. If we want to deploy the Crypto module in that base image, that's cool, but it should be maintained and developed as a separate package, so we don't duplicate. I also see the base Crypto module as filled with base algorithms, then have separate Monticello modules for each protocol or for advanced ciphers. Then we can leverage the module dependency mechanism. Is there a server where we could store a primary Monticello repository for crypto packages, base and protocol?
thanks for setting this in motion,
Robert
Ron Teitelbaum Ron@USMedRec.com wrote:
All,
Hopefully the mailing list will make it easier for us all to communicate.
As Sean pointed out this group has a lot of work to do and the work is not easy. But that doesn't mean it has to be unpleasant. I hope that we can make it enjoyable for everyone. We are still planning what needs to be done.
The current open items are:
Review ANS1.
Download Cincom non-commercial version when you get a chance.
Wait for response from Mr. Robertson at Cincom about license issues and support.
Thanks again for your participation,
Ron
_______________________________________________ Cryptography mailing list Cryptography@lists.squeakfoundation.org http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/cryptography