On Sun, Nov 27, 2011 at 9:27 AM, bcs <[email protected]> wrote: > On 11/26/2011 04:19 PM, Brad Anderson wrote: > >> >> How about putting a disclaimer on the module warning the code hasn't >> been through a rigorous security audit and point them at well >> established C libraries if they need that sort of assurance. >> > > What does that gain over implementing the first itteration in terms of > well established C libraries and then replacing that with native > implementations as the code goes been through a rigorous security audit? > > Or how about do both as API compatible implementations? That would work > for people who need the proven security and people who can't afford > external dependencies as well as allow them to be swapped out for each > other with minimal effort once the native code is proven. >
That's even better but isn't the issue over bundling incompatibly licensed libraries with phobos? Nothing is stopping someone from writing bindings for these libraries as some random library on D Source or Github already. An agreed upon API would be very nice in any case.
