Vincent Hanquez wrote: > On Fri, Oct 08, 2010 at 12:54:48PM +0100, Sittampalam, Ganesh wrote: >> What's the motivation for this? > > Well, I wanted to have a tls/ssl module that integrate nicely with > haskell. > until then the 2 solutions were: > > - shelling out to curl: that's not great, usually works until you > have an error, and then you're greeted with a curl command line > error. the control is pretty poor, what if you want a fancy > certificate control ? Also you have absolutely no server support in > this case, this is client only. > > - using either gnutls or openssl bindings: there's multiples reasons > this is not great. > depending on huge C libraries (security wise, platform wise), massive > usage of IO even in place where it shouldn't, low hacking potential > (adding ciphers/hash, etc). > > Apart from that, we all know here why programming in haskell is > better than doing the same thing in says, C or python. I think it > apply even more when the focus of this is a secure library.
While I agree with the potential benefits, I also worry that you will end up making something that is far less well tested in practice. For widely used and fairly low-level libraries like gnutls, openssl and zlib, I'm just skeptical that the benefits outweigh the risks and costs. Anyway, it's just a feeling. Please do prove me wrong :-) Cheers, Ganesh =============================================================================== Please access the attached hyperlink for an important electronic communications disclaimer: http://www.credit-suisse.com/legal/en/disclaimer_email_ib.html =============================================================================== _______________________________________________ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe