On 4/30/17 11:51 PM, James wrote:
> I think we want standard TLS.  I know enough about cryptography to
> know that I really don't want to roll my own.  So I guess OpenSSL is
> what we'll use but then, maybe, something else for local file
> cryptography and signing.  We might even use OpenPGP as a helper
> application.

TLS for data in motion plus PGP for data at rest sounds like a fine
choice. One very big win over NaCl/libsodium based solutions is that you
have a mature story for key and certificate management.

You might consider libressl instead of openssl: "LibreSSL is a version
of the TLS/crypto stack forked from OpenSSL in 2014, with goals of
modernizing the codebase, improving security, and applying best practice
development processes. Primary development occurs inside the OpenBSD
source tree with the usual care the project is known for."


You received this message because you are subscribed to the Google Groups 
"Racket Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to racket-users+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to