On Mon, Sep 6, 2010 at 9:16 AM, Thomas DuBuisson <thomas.dubuis...@gmail.com> wrote: > Good work Dan!
Sorry! David. Good work David. Not sure where "Dan" came from. Would you be interested in providing a build option > that replaces the OpenSSL dependency with something more stand-alone? > Or does ossl perform a significant part of the TLS protocol work for > you (vs just being used for algorithms)? > > Anyone impatient for the midnight haddocking can see the docs here: > http://web.cecs.pdx.edu/~dubuisst/secure-sockets-1.0/html/ > > Cheers, > Thomas > > On Sun, Sep 5, 2010 at 10:26 PM, David Anderson <d...@natulte.net> wrote: >> Hi, >> I'm happy to announce the first release of secure-sockets, a library which >> aims to simplify the task of communicating securely between two >> authenticated peers. >> -------------------------------------------- >> -- What it is >> -------------------------------------------- >> The API mimicks that of Network.Socket, and introduces the additional notion >> of peer identity, which is distinct from the endpoint address (host and >> port). Connections can only be established between two peers who know and >> expect to be communicating with each other. >> Transport security is implicitly taken care of: an established >> Network.Secure.Connection implies that each end of the connection >> successfully authenticated to the other, and that they have setup strong >> encryption for your data. >> -------------------------------------------- >> -- What it isn't >> -------------------------------------------- >> The library leans towards the "zero configuration" end of the spectrum, and >> basically Just Works. This means that if you know exactly what you want and >> need for the cipher, authentication algorithm, key type and length, key >> exchange protocol, HMAC algorithm, rekeying intervals, random number >> source... Then secure-sockets is not for you. >> If on the other hand you just want to replace your current cleartext >> "cipher" and faith-based "authentication" code with something that gives you >> a good chance of being secure (see caveats in docs), without diving into the >> rich madness that is full blown SSL, then you might want to take a look. >> This library assumes that both ends of a connection are using it. The goal >> of secure-sockets is not to allow you to connect to any SSL-enabled server, >> or to speak a particular standard flavor of authentication protocol. >> Internally, secure-sockets uses SSL to achieve its goals, so you might get >> lucky if you do it just right, but that is an implementation detail. The >> library is designed to help you easily secure communications between two >> programs whose implementation you control, not between you and anything out >> there. >> -------------------------------------------- >> -- Links >> -------------------------------------------- >> Homepage: http://secure-hs.googlecode.com/ >> Hackage page: http://hackage.haskell.org/package/secure-sockets >> Bug tracker: http://code.google.com/p/secure-hs/issues/list >> Code repository: https://secure-hs.googlecode.com/hg >> -------------------------------------------- >> -- Thanks >> -------------------------------------------- >> I'd like to thank my employer, Google. Not only did they not get mad at the >> idea that I might want to hack on Haskell during working hours (as my "20% >> project"), they also made it very painless for me to open source this code >> when the time came. >> -------------------------------------------- >> -- Questions? >> -------------------------------------------- >> Questions, comments, suggestions and patches can be filed in the issue >> tracker, emailed directly to me, or thrown out on haskell-cafe. >> Hope you find this code useful! >> - Dave >> _______________________________________________ >> Haskell-Cafe mailing list >> Haskell-Cafe@haskell.org >> http://www.haskell.org/mailman/listinfo/haskell-cafe >> >> > _______________________________________________ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe