[Cryptography Team] RFC: Consolidating the Cryptography library
fora general release
Robert Withers
reefedjib at yahoo.com
Sat Apr 21 15:30:56 UTC 2007
Hi Ron,
On Apr 20, 2007, at 7:53 PM, Ron Teitelbaum wrote:
> Hi Rob,
>
> Very cool about the SMIME work I'm looking forward to working with it.
I have one last bug to fix for signatures.
> There is some working and useful code in MSCerts and I need to
> review TLS
> for any dependencies. Also the work that I started which
> integrates SSL
> with Kom is there, I think in the tls package, so as long as we
> don't delete
> them I'm ok with renaming them. Were you planning on moving SSL
> and SMIME
> into another repository or just renaming them within the Cryptography
> repository?
I was just going to re-categorize them and republish them as SSL and
SMIME, but leave them in this repository. I have already done this
locally for SMIME, but I am waiting for the go ahead on the
consolidation.
> We originally separated them out so that someone could select which
> components they needed.
I thought it was done to assist with concurrent development, but most
of it is stable now.
> I agree with you that this introduced some load
> dependencies. Also the size of the classes themselves is not large
> enough
> to really warrant their own packages. We probably introduced more
> problems
> and confusion then we solved. So I agree with your suggestion and
> would
> support having one cryptography package with all the component
> algorithms,
> and then separate packages for applications. I should also move my
> KeyHolder and my PasswordSaltAndStretch somewhere. I'm not sure
> they are
> components but they are not really applications either. Suggestions?
I think something in RC2 or something uses KeyHolder, et al. Let's
leave them in.
So you agree with my package allocation?
Rob
>
> Ron
>
>> -----Original Message-----
>> From: Robert Withers
>>
>> This is a request for comment on consolidating the Cryptography
>> library for a general release. What I mean by that is consolidating
>> to a single Monticello package, that would allow users to one-click
>> load the basic library. Currently there is an implicit load order
>> which most users don't know. We still don't have Configuration
>> support so that isn't a solution right now.
>>
>> If this idea is supported, I suggest we look at all the packages and
>> decide which are "in", then generate the Cryptography package with
>> these packages loaded.
>>
>> Those packages that are not included, like Cryptography-SMIME for
>> instance, should really be renamed to not have the Cryptography-
>> prefix. The old versions can be deleted to keep things clean.
>>
>> Those packages that are selected, and are determined to be complete,
>> could be deleted as independent packages and we would just rely on
>> them being in the consolidated package and develop there when
>> needed. After this first step is completed, we could reassign the
>> classes to a more compact categorization.
>>
>> Below is a list of the packages. Please vote and if your vote is
>> yes, what are your package recommendations as described below.
>>
>> Rob
>>
>> Packages:
>> Those with a '*' in front are my suggestions as to which is to be
>> included in Cryptography. Those with a '!' in front are my
>> suggestions as to which should be renamed away from Cryptography-.
>> Those with a '+++' are candidates for deletion, since they have been
>> superseded.
>>
>> * Cryptography-ARC2
>> * Cryptography-ASN1
>> * Cryptography-Core
>> * Cryptography-DES
>> * Cryptography-DSA
>> * Cryptography-ElGamal
>> * Cryptography-MD4
>> * Cryptography-MD5
>> * Cryptography-PKCS12
>> * Cryptography-RC4
>> * Cryptography-RSA
>> * Cryptography-RandomAndPrime
>> * Cryptography-Rijndael
>> * Cryptography-SHA1
>> * Cryptography-SHA256
>> ! Cryptography-SMIME
>> ! Cryptography-SSL
>> * Cryptography-Tests
>> * Cryptography-X509
>> +++Fortuna (this exists in RandomAndPrime)
>> ! Cryptography-MSCerts
>> +++Cryptography-TLS (this is superseded by SSL)
>> OpenPGP
>>
>> _______________________________________________
>> Cryptography mailing list
>> Cryptography at lists.squeakfoundation.org
>> http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/
>> cryptography
>
> _______________________________________________
> Cryptography mailing list
> Cryptography at lists.squeakfoundation.org
> http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/
> cryptography
More information about the Cryptography
mailing list