Joe Orton wrote:

l) again, no demonstration that non-OpenSSL-based implementations are even possible, if an abstraction is the intent.
http://msdn2.microsoft.com/en-us/library/aa380252(VS.85).aspx#csp_data_encryption_functions

http://www.gnu.org/software/gnutls/comparison.html

URLs != demonstration.

Of course URLs are a demonstration.

You maintain that non OpenSSL based implementations are not possible, and you have offered no evidence whatsoever to support this.

I on the other hand put in a significant amount of research into this before embarking on this effort to make sure that other platforms, most notably Windows, have the functionality I am looking for, so that the session stuff, which I was working on at the time, had the widest possible audience that would work out the box.

I am not a Windows developer, I was hoping that somebody would pick up on what I was doing and fill in the Windows bits for me. If not, I planned to borrow a Windows machine and do it myself. I certainly planned to address this at the end of next week, when I can make some more time. That has been short circuited of course.

I'll revert the code, anyway.

To quote what Roy put into his sandbox at https://svn.apache.org/repos/asf/httpd/sandbox/wakad/README.txt:

"Don't knock over my castle."

Every time you veto something instead of engaging someone in a discussion to resolve the issues, you are knocking over that person's sandcastle. And every time you do that, you are giving that person one less reason to bother code up anything at all.

You have raised some valid points which need to be addressed in the current code. Unfortunately you delivered those points with the blunt instrument of the -1, and as a result the SSL part of the code has effectively been withdrawn, and any chance of those issues ever being addressed has been vastly reduced if not eliminated entirely.

Regards,
Graham
--

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Reply via email to