On Dec 17, 2007, at 17:38, [EMAIL PROTECTED] wrote:
So... supposing I was going to design a crypto library for use within a financial organization, which mostly deals with credit card numbers and bank accounts, and wanted to create an API for use by developers, does anyone have any advice on it?
The one thing that I think is most important is not to use the "bunch of functions" approach, but rather an integrated approach that directly supports the use cases and protects against misuse.
Intend to skim the OpenSSL design and Gutmann's "Design of a Cryptographic Security Architecture" for ideas.
There you have examples of both approaches. Fun, Stephan --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
