Ken,

Cryptography,

Team goals: 

1) Identify and isolate Cryptographic classes and define SM package for base
image classes.
2) Maintain Current Cryptography Standards in the image.
3) Make sure that the external package stays current with image
implementations. (SHA1 and SecureHashAlgorithm are copies of each other but
there were differences in implementations.  I'm not sure why we need both
but there you are.).
4) Fix errors in Cryptography in package or in image like
ThrityTwoBitRegister, The byteArray appears to be implemented backwards.  We
will need rights to make/change assignments in Mantis.
5) Get external US Government certification of Security for external package
and image components.
6) Research and add cryptography as necessary to stay current with
cryptographic changes in the industry.
7) Support CACert.
8) Integrate Signatures and Encryption into Email Packages.
9) Write Security Articles for cross promotion with squeak news team (and
publish some articles outside this group for squeak promotion).
10) Start Cryptography list for people using the internal or external
package for cryptographic news and alerts, or changes in implementations
planned so that consumers of the cryptographic code can understand what
changes are needed to integrate new code.

Oh yeah and get volunteers, if any, to join the team.

Scratching, 
Ron

-----Original Message-----
From: squeak-dev-bounces at lists.squeakfoundation.org
[mailto:squeak-dev-bounces at lists.squeakfoundation.org] On Behalf Of Ken
Causey
Sent: Wednesday, October 19, 2005 12:30 PM
To: Ron at USMedRec.com
Cc: The general-purpose Squeak developers list
Subject: Cryptography Team (was RE: Need to do something)

Ron,

This is great, thank you!

Where we need to start here though is in defining what you see yourself
(your team) being responsible for.  The issue is that there is no
current Cryptography PackageInfo defining the classes that would come
under that definition.  Also there is already an SM package with this
name.  The image itself contains at least a few Crypto related classes
like DigitalSignatureAlgorithm, SecureHashAlgorithm, etc.  The SM
package is distince from this and includes many other classes.

What we are really asking for here is maintainers for the code in the
image.  That doesn't necessarily mean that you can't adopt an external
package like Cryptography, but that doesn't (I don't think) come under
the 'Need to do something' category.

At any rate what I'm asking here, first of all, is simply a clear
definition from you as to what you see such a team covering?

Ken

On Wed, 2005-10-19 at 11:37 -0400, Ron Teitelbaum wrote:
> Göran,
> 
> 	I volunteer to maintain Cryptography. 
> 
> Ron
> 
> -----Original Message-----
> From: Cees De Groot [mailto:cdegroot at gmail.com] 
> Sent: Wednesday, October 19, 2005 11:27 AM
> To: Ron at usmedrec.com; The general-purpose Squeak developers list
> Subject: Re: Need to do something
> 
> Well, number 2) of course ;)
> 
> On 10/19/05, Ron Teitelbaum <Ron at usmedrec.com> wrote:
> > So what do you suggest?
> >
> > 1) Email everyone that has ever touched the package?
> > 2) Volunteer to maintain the package myself?
> > 3) I posted the class to Mantis( http://bugs.impara.de/view.php?id=2086
),
> > should I just assume that that is good enough?
> > 4) Forget it and keep the changes to myself?
> 
>