On Thu, Oct 02, 2003 at 02:21:29PM +0100, Jill Ramonsky wrote:

> Thanks everyone for the SSL encouragement. I'm going to have a quick 
> re-read of Eric's book over the weekend and then start thinking about 
> what sort of "easy to use" implementation I could do. I was thinking of 
> doing a C++ implentation with classes and templates and stuff. (By 
> contrast OpenSSL is a C implementation). Anyone got any thoughts on 
> that?

Writing a C++ library almost certainly means your application has to be
written in C++ as well. I think it is easier to create a C++ wrapper for
a C library than a C wrapper for a C++ library (especially if you use
all the OO features, although nothing prevents you from following the OO
paradigm in C). Because of that, I think you reach more application
builders with a C library.

> Also - anyone thinking of using something like this - could you 
> post (in another thread maybe) suggestions as to what kind of "simple" 
> interface you actually want? As in, what you want it to do?

As a programmer I'd like to see something that allows you to:

a) specify credentials
b) do TLS_start()
c) have a TLS_read() and TLS_write() function which work EXACTLY the
   same as the read() and write() functions
d) TLS_stop()

Each of those steps can return a fatal error, but I'd rather not have to
deal with warnings and other stuff that needs intervention of the
application itself, and I also don't want to write callback functions if
it's not really necessary.

> Some advice on licensing wouldn't go amiss either. (GPL? ... LGPL? ...
> something else?)

I'd say LGPL or BSD, without any funny clauses.

By the way, also have a look at GnuTLS and libgcrypt:
- http://www.gnu.org/software/gnutls/
- http://www.g10code.com/p-libgcrypt.html 

Met vriendelijke groet / with kind regards,
    Guus Sliepen <[EMAIL PROTECTED]>

Attachment: signature.asc
Description: Digital signature

Reply via email to