Ben
> > > Has anyone looked at using the OpenSSL src as a baseline for a WTLS
> > > implementation ?
> > >
> > > I'd be interested in any comments, opinions etc.
> >
> > WTLS and TLS are quite different. Beside new algorithms
> > (ECDH, ECDSA, ..) you also have a different record layer and
> > tonns of new protocol structures. You also must support
> > datagram transport layers and the whole state machine looks
> > more complex. These were only the most significant
> > differences. There are others too.
> >
> > It's not a good idea to integrate the W into the current
> > OpenSSL project.
>
> Why not? OpenSSL is designed to allow exactly these kinds of variations.
I doubt that there's an overall design =).
> Don't forget that despite its name, OpenSSL is really a general-purpose
> crypto library.
I agree that OpenSSL is a good general-purpose crypto library. But
in real life SSL, TLS or WTLS are protocols that 'only' use mechanisms
of a crypto library. There's no need to embedd all crypro related protocols
just because they use crypto mechanisms. Even HTTP defines a MD5 hash value
(and the group discusses about signed Cookies) but I think no one will
suggest to implement HTTP in OpenSSL.
Regards Rene
--
-----------------------------------------------------------
Rene G. Eberhard
Mail : [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
