Am 30.07.2006 um 06:15 schrieb Ron Teitelbaum:
> Hello all,
>
> I’m currently working on a TLS / SSL implementation and on windows  
> I am planning to support the Certificate Store that is built in.   
> This requires me to use the CryptoAPI dlls.
Well ... FFI is inherently unsafe - it allows to call any C function  
in any library. So depending on the area of application this might be  
a problem, since you're giving up the relative safety of a VM-based  
system. For example, if the VM's sandbox is enabled, FFI calls are  
disallowed, so you could not use crypto in a sandboxed environment.

- Bert -