Hi Adam, thank you for your interest! You have an interesting proposal - thanks for coming up with your own one! I would personally think SSH would be more useful than SSL/TLS, oh well. However I am afraid that HelenOS might not be ready for this right now, maybe next year... The network stack is still in the flux - I am just currently replacing the existing stack with a completely new one (see https://code.launchpad.net/~jsvoboda/helenos/inet). Even when this rewrite is complete (which could be within the next few months) it will still be quite immature and change a lot. SSH might be better because it will be more on the application layer, but still.. At this point we are not even able to do resolve host names to IP addresses or automatically configure address via DHCP... you could really hit some problems.
I am not an expert in this area, but I believe that SSL, TLS, SSH are all implemented using some cryptographic libraries. It certainly makes more sense to port those libraries rather than re-implement them, since they will be very portable. On the other hand, the rest will probably be best re-implemented in a HelenOS-specific way. Some MD5/SHA hashes would certainly be useful for other purposes as well. I really don't want to discourage you, just warn you that the networking stack is still not in such good shape as you might be thinking. I suggest it might be better if you either come up with another idea or at least modify your proposal in such way to be less dependent on networking. I would not want to end up in a situation where you could not progress because I haven't finished some part of the network stack just yet :-( After all, I am working on in in my spare time - and this is very scarce sometimes. Cheers -Jiri > Hi, my name is Adam Saleh, > > and once again I have almost missed the deadline for GSOC :-) Actually > I only realized it yesterday, so I decided, that I will first write > you my proposal for a proposal. > > Hopefully sometime tomorrow drop a patch on this list (I am quite > interested in adding floating poin to printf > http://trac.helenos.org/ticket/221) > So, if anybody is already working on printf, let me know :) (I have > skimmed throught the mailing list, and didn't see anybody and as far a > I can tell from > printf_core it is not implemented yet) > > ============================= > Proposal: Adding SSL to network stack > ============================= > > * Why? > > I am in it for the money and somewhat lower-level network-security > related experience. > I am in second semester Master at Masaryk university, major in > Information Security. > > I think, that having ssl implementation in HelenOS would bring it one > step closer to become a viable platform for server aplications. > > * What would be my ultimate goal? > > I'd hope to provide working https enabled web-server (aking to webserv). > > * Implementation? > > I haven't yet decided whether I would try to port some existing > library, or try to create new library. > I believe new library would fit non-posix nature of helenos better, on > the other hand, it is a good practice > not to reimplement basic cryptographic primitives. > > Project would have these milestones: > > 1) implementation/porting and testing of basic cryptographic primitives > 2) implementation and testing of openssl certificates verification > * I don't think, I should write Certificate Authority, I > believe security requirements on CA's would make it another project. > 3) implementation of the protocol itself > > What do you think about it? > > Best Regards, > > Adam Saleh _______________________________________________ HelenOS-devel mailing list [email protected] http://lists.modry.cz/cgi-bin/listinfo/helenos-devel
