On Thu, Oct 02, 2003 at 02:21:29PM +0100, Jill Ramonsky wrote: > Thanks everyone for the SSL encouragement. I'm going to have a quick > re-read of Eric's book over the weekend and then start thinking about > what sort of "easy to use" implementation I could do. I was thinking of > doing a C++ implentation with classes and templates and stuff. (By > contrast OpenSSL is a C implementation). Anyone got any thoughts on > that?
Writing a C++ library almost certainly means your application has to be written in C++ as well. I think it is easier to create a C++ wrapper for a C library than a C wrapper for a C++ library (especially if you use all the OO features, although nothing prevents you from following the OO paradigm in C). Because of that, I think you reach more application builders with a C library. > Also - anyone thinking of using something like this - could you > post (in another thread maybe) suggestions as to what kind of "simple" > interface you actually want? As in, what you want it to do? As a programmer I'd like to see something that allows you to: a) specify credentials b) do TLS_start() c) have a TLS_read() and TLS_write() function which work EXACTLY the same as the read() and write() functions d) TLS_stop() Each of those steps can return a fatal error, but I'd rather not have to deal with warnings and other stuff that needs intervention of the application itself, and I also don't want to write callback functions if it's not really necessary. > Some advice on licensing wouldn't go amiss either. (GPL? ... LGPL? ... > something else?) I'd say LGPL or BSD, without any funny clauses. By the way, also have a look at GnuTLS and libgcrypt: - http://www.gnu.org/software/gnutls/ - http://www.g10code.com/p-libgcrypt.html -- Met vriendelijke groet / with kind regards, Guus Sliepen <[EMAIL PROTECTED]>
signature.asc
Description: Digital signature