Hi Michael, >The naming of this component is wrong. It should be >Zend_Pki_Certificate or Zend_Pki_Key or some such. The word "Crypt" >should be reserved for a generic crypto class and "Rsa" is just one >implementation of a symmetric algorithm.
The naming is more categorical than specific - crypt/cryptography. Sorry if that's unclear - I go with short/existing namespaces where possible. One could argue against PKI as a namespace even, since the issue of trust is optional - there's no absolute requirement for a certification authority since you can issue your own uncertified keys in RSA. >Also as long as I'm on a rampage, I will say I'm not a big fan of OO >wrappers for the sake of OOP as if it is somehow inherently superior >to just using an existing set of functions. What functional benefit >does this API have over the builtin openssl API? The major benefit as noted for future implementation in the proposal, is making openssl an optional dependency. Same applies to Zend_Crypt_DiffieHellman. Secondly it also simplifies using these algorithms since a little abstraction goes a vast distance in cryptography making things accessible. Even over and above openssl only. Thirdly as an OO component mocking and testing is vastly simplified for other dependent source code. Fourthly openssl has crappy documentation that is plain wrong in obvious places. Fifthly (is fifthly a real word ;)), it distills one specific openssl usage in one specific API. Sixthly the proposal is for base functionality, but you can push some useful extras on top or extend for specific needs. Seventhly, I'm probably overlapping reasons a little I realise. I know what your point is, but my point is largely that OO does add concrete benefits. They may not be huge benefits to everybody, but they are real nonetheless. Whether they are sufficient to warrant inclusion in the ZF is of course entirely the decision of a Zend review so get your comments and observations in on the proposal page itself. Best regards, Paddy Pádraic Brady http://blog.astrumfutura.com http://www.patternsforphp.com OpenID Europe Foundation ----- Original Message ---- From: Michael B Allen <[EMAIL PROTECTED]> To: Pádraic Brady <[EMAIL PROTECTED]> Cc: Zend Framework General <[email protected]> Sent: Thursday, June 12, 2008 10:15:12 PM Subject: Re: [fw-general] Zend_Crypt_Rsa Proposed: Community comment welcome On 6/12/08, Pádraic Brady <[EMAIL PROTECTED]> wrote: > > I have finished my proposal for a Zend_Crypt_Rsa component, which will come > in handy for a few uses, not least of which OAuth. > > http://framework.zend.com/wiki/pages/viewpage.action?pageId=3866770 > > Comments from the community is more than welcome. As it stands the component > is quite a neat OO wrapper around existing ext/openssl functionality. The naming of this component is wrong. It should be Zend_Pki_Certificate or Zend_Pki_Key or some such. The word "Crypt" should be reserved for a generic crypto class and "Rsa" is just one implementation of a symmetric algorithm. Also as long as I'm on a rampage, I will say I'm not a big fan of OO wrappers for the sake of OOP as if it is somehow inherently superior to just using an existing set of functions. What functional benefit does this API have over the builtin openssl API? Mike -- Michael B Allen PHP Active Directory SPNEGO SSO http://www.ioplex.com/
