[Cryptography Team] Team Update

Thu Jun 8 17:05:19 UTC 2006

All,

Well it's amazing how time flies.  With the real world demands on time,
things progress slowly.

Our goals are still the same and can be found on the squeaksource wiki for
Cryptography. ( www.squeaksource.com/Cryptography.html )  I had hoped to
make more progress then we have but we'll take what we can get.  

On the ASN.1 front:  

Our first task was to recommend reading to the group to make sure everyone
knew about ASN, its uses and application to cryptography and computer to
computer communication in general. 

We started with http://www.oss.com/asn1/dubuisson.html .  If you have other
suggested reading about ASN please let us know.

As a group we decided that we should start with an ANS.1 implementation so
that's where we are now.  

We contacted Cincom about their ASN.1 implementation.  James agreed to let
us port the Cincom implementation of ASN.1 to Squeak but would not agree to
allow us to re-license it to Squeak-L or MIT.  Now that we have made
significant progress with the licensing of Squeak in general, when we have a
newly licensed Squeak we can go back and ask James again if we can port the
code.

Paul and I decided to give an implementation a shot in a parallel effort.
We are making progress but nothing worth sharing yet. We have set up a new
repository for that.  We see this a mostly an exercise to learn ANS.1 but
still hold the possibility that functional code may be released from this
effort.  If you would like to know more about what we are doing please let
me know.  

The ASN.1 implementation we are working on uses traits.  Paul found that
using traits made the implementation go much easier.  This is a nice way to
get to know the new trait system for more information on traits see:
http://www.iam.unibe.ch/~scg/Research/Traits/ 

We also recently discussed some issues regarding protecting the image and
the VM, using signed updates to distribute code, and getting our
implementations certified.  So far no progress has been made on those fronts
but if anyone would like to step up and lead an effort in that those areas,
or if you have suggestions on other things we should be working on please
feel free to let us know.

On the legal front we have notified the US Government about our work, so as
long as a US Citizen does not physically export code to a "Terrorist
Country" (meaning take the code copy it to a CD or other format and send it,
or directly email the code to someone in a terrorist country or something
like that) we are protected from export restrictions.  We have not done any
work on export restrictions from other countries so if you live in another
country and have concerns about legal restrictions you are not protected
from this notification and should research issues in your country before
contributing to this effort.  Also let me know and I see what I can do to
help.

If anyone has an update they would like to give about your efforts please
feel free to let us know what you are doing.

Thanks,

Ron Teitelbaum
Cryptography Team Leader