On Saturday, 5 July 2014 at 19:33:31 UTC, deadalnix wrote:
I used to think that. A few years ago, I looked into OpenSSL,
noticed several horrors. Several of them mentioned here:
https://www.youtube.com/watch?v=GnBbhXBDmwU
I watched the video just now and I agree, OpenSSL sounds
horrible. However, the poor quality of it has nothing to do with
being written in C.
However, a very important point comes up at 1:00:15 when a person
asks about the implementation of the "mainstream" ciphers. It
turns out the implementation of the cryptographic algorithms is
well done and actually written by CRYPTOGRAPHERS. One of the
developers admits its beyond their competency and they generally
leave it alone.
So maybe its okay for us to implement APIs or protocols in D, but
we should NOT be implementing our own crypto.
