Matthew S. Hamrick Sent: Tuesday, January 10, 2006 11:05 AM
Before you get anything resembling commercial adoption of a language, there are a couple things that need to be addressed:
- Manageability
- Security
- Internationalization
- Data Persistence
I think Squeak has _something_ to say in all these areas, but for the security section to be "approved" by CIOs and application developers, you have to have quality documentation and appropriate tests to insure your implementation is implemented correctly, does not leak sensitive information and does not generally weaken the overall security of the system (ala WinXP SP2).
I totally agree with Matt. I have two main goals, one to contribute to building tools that are usable and acceptable so that we can gain more corporate acceptance with squeak, and two to build cryptography into a commercial product that is written is squeak for my company. (also to support other protocol frameworks and make them available to the squeak community, like X.12, HL7, NCPDP)
I believe the only way to do that safely is to do it publicly and to have the work written, reviewed and tested (and possibly broken) by people with a lot of experience in this field.
Hopefully we can grow as a team and find a way to prove the potential for Squeak and Smalltalk.
Does anyone have a suggestion for how to certify our code? I think it would be helpful if what we have done to prove our work (testing documentation ...), the qualifications of the person writing the code, and any reference materials were all kept in a single place. It would be helpful as a reference for others, and some proof that may be needed before someone considers adoption. What do you all think?
Ron Teitelbaum Squeak Cryptography Team Leader