>If you are interested I could mail you the patches
>for you to have a look at them.

Yes, I'd definitely be interested in having a look at them.

>> >X-Mailer: Liam [version 0.7]
>What's that? Never heard of it.

Liam is a mailer written by a friend of mine -- it's very full featured, and I'd be
willing to say hands down the fastest mailer available for *nix.  It's in beta now,
but maybe I can convince him to release it one of these days.

>Why Invent a new one? PKCS#11 is exactly designed for this. While one might argue
>that something sponsored by RSA Inc. is not as open as it can be, it is not as
>focused on SmartCards as PC/SC

Maybe a better way of stating my intent would've been to say that I'd like to
provide the cross platform interface to make a PKCS#11 interface easier.

Although there are some things in PKCS#11 that I strongly disagree with, like
pg. 111 of the 2.1 PKCS #11 draft:

        "Execution of a Cryptoki function call is in general an all-or-nothing 
        affair, i.e., a function call accomplishes either its entire goal, or
        nothing at all."

That is entirely ridiculous IMO.  A lot of hardware cannot be taken good
advantage of without the use of threads if this remains the case.  I see 
absolutely no reason that the standard should not be able to support async
for persons wanting to use this model.

>I do not propose to solve this, but it might be possible by changing the
>'internal' functions of the four basic crypto ops into being able to
>work non-blocking.

Yes, I'm thinking it's going to amount to something like this.  Unfortunately,
it seems as though the changes will need to be upwardly propagating.  So as an
example, the higher level SSL code will also need to be made aware that an 
operation is incomplete, and it needs to provide reentrancy.  Although since
this is currently done for socket level events, I don't see any reason it
couldn't be done for other things.

>Then you can attach methods to the mechanism structures like you would
>in C++ by using virtual function members, and the call gets either passed
>on to the ceay RSA implementation or the hardware.

That sounds like a sensible approach.  

>I know that I have been talking about this for a long time. But I consider
>it a grave breach of netiquette to post ~1MB to a mailing list. Even in the
>days of Mailers that send Word-Docs as primary mail content. I mailed the
>changes to Steve, but have not heard from him yet.

Heh well I'm sure the lack of 1MB+ files on the mailing list is appreciated.
From what I understand from him, Steve is pretty busy these days.

--Chris
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
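
The design discussed in this message (methods attached to the mechanism structure, and an "incomplete" result that propagates up to the SSL layer the way socket retries do), sketched as an added example that is not code from the thread or from OpenSSL. Every name is hypothetical, the hardware is simulated, and the XOR transform is a stand-in for the RSA operation.

```c
#include <stddef.h>
#include <string.h>

/* All names are hypothetical; the XOR is a stand-in, not RSA. */
enum op_status { OP_ERROR = -1, OP_DONE = 0, OP_WANT_RETRY = 1 };
struct rsa_ctx;
struct rsa_method {              /* the "virtual function members" */
    enum op_status (*priv_op)(struct rsa_ctx *c, const unsigned char *in,
                              unsigned char *out, size_t len);
};
struct rsa_ctx { const struct rsa_method *meth; int submitted, polls_left; };

static void stand_in(const unsigned char *in, unsigned char *out, size_t len) {
    for (size_t i = 0; i < len; i++) out[i] = in[i] ^ 0x5a;
}
/* Software path: always finishes within the call. */
static enum op_status sw_priv_op(struct rsa_ctx *c, const unsigned char *in,
                                 unsigned char *out, size_t len) {
    (void)c; stand_in(in, out, len); return OP_DONE;
}
/* Simulated device: first call queues the request, later calls poll it. */
static enum op_status hw_priv_op(struct rsa_ctx *c, const unsigned char *in,
                                 unsigned char *out, size_t len) {
    if (!c->submitted) { c->submitted = 1; return OP_WANT_RETRY; }
    if (c->polls_left > 0) { c->polls_left--; return OP_WANT_RETRY; }
    stand_in(in, out, len); c->submitted = 0; return OP_DONE;
}
static const struct rsa_method sw_method = { sw_priv_op };
static const struct rsa_method hw_method = { hw_priv_op };

/* Higher layer: keeps its position in h->step so it can be re-entered. */
struct hs_state { int step; struct rsa_ctx rsa; unsigned char in[4], out[4]; };
static enum op_status handshake_step(struct hs_state *h) {
    if (h->step == 0) { memcpy(h->in, "\x01\x02\x03\x04", 4); h->step = 1; }
    if (h->step == 1) {
        enum op_status s = h->rsa.meth->priv_op(&h->rsa, h->in, h->out, 4);
        if (s != OP_DONE) return s;   /* propagate upward, like a socket retry */
        h->step = 2;
    }
    return OP_DONE;
}
/* Caller loop; returns how many times the handshake had to be entered. */
static int run_handshake(const struct rsa_method *m, int latency, unsigned char out[4]) {
    struct hs_state h; memset(&h, 0, sizeof h);
    h.rsa.meth = m; h.rsa.polls_left = latency;
    int calls = 0; enum op_status s;
    do { s = handshake_step(&h); calls++; } while (s == OP_WANT_RETRY);
    memcpy(out, h.out, 4);
    return s == OP_DONE ? calls : -1;
}
int main(void) { unsigned char o[4]; return run_handshake(&hw_method, 2, o) == 4 ? 0 : 1; }
```

In a real caller the retry loop would wait on the device's completion event instead of spinning, the same way a non-blocking SSL caller waits on its socket.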
