Hi J J,

Just to be clear, most of the components that were used for SSL already
existed in squeak Cryptography.  It was because of all the work from others
in creating all the cryptography code that we were able to even attempt to
put it all together into the SSL protocol.  

Also I must agree with you Rob did a wonderful job getting it all working.
His work is really clean and the implementation is beautiful.  Keep in mind
this is a first pass, there is much to do to round it out to make it
production quality.

Thank you everyone that has participated in Squeak Cryptography and again if
anyone would like to join there are a number of projects we are working on,
including: 

KomServer SSL integration
MS CryptoAPI integration
SSL Testing and Documentation
SSL Code Review
OpenSSL integration (may be handled with LibCurl)
ASN1 framework for additional protocol support.
Cryptography Testing and Common Criteria Modifications
Secure VM and Image
Certificates for install (try before you buy, or buy license to activate)
Squeak FIPS certification

Please sign up and volunteer at:
http://lists.squeakfoundation.org/mailman/listinfo/cryptography 

Ron Teitelbaum
Cryptography Team Leader   

> -----Original Message-----
> From: squeak-dev-bounces at lists.squeakfoundation.org [mailto:squeak-dev-
> bounces at lists.squeakfoundation.org] On Behalf Of J J
> Sent: Monday, October 02, 2006 2:49 PM
> To: squeak-dev at lists.squeakfoundation.org
> Subject: Re: [ANN] Working SSL In Squeak
> 
> Hi Robert,
> 
> But do I understand right that you guys *did* impliment SSL in squeak from
> scratch?  From what I gathered in the list it wasn't in squeak yet.
> 
> Well I'm impressed either way.  What are your next projects? :)
> 
> 
> >From: Robert Withers <reefedjib at yahoo.com>
> >Reply-To: The general-purpose Squeak developers
> >list<squeak-dev at lists.squeakfoundation.org>
> >To: The general-purpose Squeak developers
> >list<squeak-dev at lists.squeakfoundation.org>
> >Subject: Re: [ANN] Working SSL In Squeak
> >Date: Mon, 2 Oct 2006 10:10:17 -0700
> >
> >Hi Stef,
> >
> >The DESPlugin implements the DES cryptography algorithm, which has
> >basically two parts.  Key preparation, which DES calls "cooking the
> key",
> >and transformation, where it takes the cooked key and the input  block
> and
> >encrypts it or decrypts it.  I have always wished that  there were an
> >in-image implementation so that the plugin isn't  required when doing
> DES,
> >but it hasn't happened yet.  Something to  work on, perhaps.  Note that I
> >didn't write it, I am only a user.
> >
> >Robert
> >
> >On Oct 2, 2006, at 9:22 AM, stephane ducasse wrote:
> >
> >>Hi robert
> >>
> >>just that I understand a bit more what  is the role of the DESPlugin?
> >>
> >>>Hi all,
> >>>
> >>>Let me add a few things to Ron's announcement.  First off I added  a
> >>>HttpsUrl class and support to retrieve pages with these Urls.   So you
> >>>can do the following:
> >>>
> >>>'https://www.fidelity.com' asUrl retrieveContents.
> >>>
> >>>I tried to add support for a POST command, but I couldn't really  test
> it
> >>>because I couldn't find a WebBrowser.  Do we still have  one?  I wanted
> >>>to do my online banking in squeak! :-)
> >>>
> >>>Second, without a patch the Monticello configurations won't work.   Let
> >>>me list the packages needed from the Cryptography repository.   Load,
> in
> >>>order:
> >>>
> >>>CryptographyBase
> >>>Cryptography-Core
> >>>Cryptography-DES
> >>>Cryptography-DSA
> >>>Cryptography-ElGamal
> >>>Cryptography-RSA
> >>>Cryptography-SHA1
> >>>Cryptography-RC4
> >>>Cryptography-MD5
> >>>Cryptography-ASN1
> >>>Cryptography-X509
> >>>Cryptography-SSL
> >>>
> >>>
> >>>Lastly. you will need a DESPlugin, which you can find here: http://
> >>>minnow.cc.gatech.edu/squeak/2410, including an updated one for Linux.
> >>>
> >>>cheers,
> >>>Robert
> >>>
> >>>
> >>>
> >>>On Oct 2, 2006, at 7:28 AM, Ron Teitelbaum wrote:
> >>>
> >>>>All,
> >>>>
> >>>>
> >>>>
> >>>>A while back I started an implementation of TLS 1.2.  Rob Withers
> >>>>joined the effort a few weeks ago and is has made terrific  progress.
> >>>>He reorganized everything, added a proper protocol  stack, and now has
> >>>>the certificates working.
> >>>>
> >>>>
> >>>>
> >>>>Our version now works with SSL3.0 and TLS 1.1, and DH or RSA  using
> >>>>x509v3 Certificates.  There are still a number of things  that need to
> >>>>be done but we can now use squeak to connect as an  SSL server and/or
> >>>>client.  See the examples in the workspace that  opens when you load
> the
> >>>>code.  You will find our implementation  at
> >>>>www.squeaksource.com/Cryptography.  There are two Monticello
> >>>>Configuration files available to make loading easier.  Load
> >>>>Cryptography-Configuration.mcm, and then Crypt-Xtra-Config.mcm.
> >>>>
> >>>>
> >>>>
> >>>>We could use some help with testing, code review, documentation  or
> any
> >>>>other help you would like to offer.
> >>>>
> >>>>
> >>>>
> >>>>There is also support for MS CryptoAPI and CertificateStores for
> >>>>Microsoft in the MSCert package.  In the future I will be working  on
> >>>>integrating this functionality.  I will also be adding support  for
> >>>>KomHttp which is mostly completed but needs to be updated to  support
> >>>>Rob's new version.
> >>>>
> >>>>
> >>>>
> >>>>We hope you find this useful and will keep us updated on your use  and
> >>>>issues with our implementation.  If you have any questions  please let
> >>>>us know.  Also again we would like to invite anyone  with interest or
> >>>>experience with cryptography to join our  Cryptography Team
> >>>>athttp://lists.squeakfoundation.org/mailman/ listinfo/cryptography .
> >>>>
> >>>>
> >>>>
> >>>>Thanks and enjoy,
> >>>>
> >>>>
> >>>>
> >>>>Ron Teitelbaum
> >>>>
> >>>>President / Principal Software Engineer
> >>>>
> >>>>US Medical Record Specialists
> >>>>
> >>>>www.USMedRec.com
> >>>>
> >>>>Ron at USMedRec.com
> >>>>
> >>>>Squeak Cryptography Team Leader
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>
> >>>
> >>>
> >>
> >>
> >
> >
> 
> 
>