Hi Sven,
It is a complete implementation with the bare minimum of supported
algorithms, based on the spec. It is 100% in Smalltalk. It worked last
time I tested in, several years ago. I will be able to tell you more this
weekend. Others have been adding fixes/small features since, but not a
lot - the base is pretty solid. I painstakingly followed the RFC for SSL -
I think I read it over 20 times! The only issue would be algorithm support.
I never benchmarked it, but seeing the difference in performance between
Smlltalk crypto code like 3DES and plugin code, there is a SIGNIFICANT
improvement (10x?). I do not know the state of Profiling under Pharo. If
someone could help set me up, then I will profile it this weekend. I
imagine both performance and certification were the reasons for SqueakSSL.
There is also an SSH implementation I wrote that does dynamic window
resizing on net latency.
Rob
-----Original Message-----
From: Sven Van Caekenberghe
Sent: Thursday, May 12, 2011 10:16 AM
To: [email protected]
Subject: Re: [Pharo-project] SSL/HTTPS -
SecureSocketStream/SSLSessionforPharo/Squeak and other Smalltalk
implementations
Hi Rob,
On 12 May 2011, at 15:52, Rob Withers wrote:
Try this, after loading the Crypto packages. I haven't tried it myself,
yet, as I only got on this list and loaded Pharo a few days ago, but I
will probably dig into it over the weekend. I did load Crypto, though.
http://www.squeaksource.com/Cryptography/SSL-mtf.16.mcz
Is there a Pharo repository I could drop ported code into?
This looks like a quite impressive code base. I think I once heard about
this, but never really looked at it.
If I understand this correctly, browsing in SqueakSource, this is actually
an SSL implementation, 100% done in Smalltalk ?
Some questions then:
- in what state is the code, does it work ?
- how compatible is it wrt SSL standards ?
- how fast is it, is it useable ?
- why was it not used for SqueakSSL ?
Sven
