Bindings in standard library is really wierd, especially for porting and maintaining on various system (linux, android,...) Le 29 janv. 2014 20:32, "Sean McArthur" <[email protected]> a écrit :
> > > > On Wed, Jan 29, 2014 at 11:17 AM, Tony Arcieri <[email protected]> wrote: > >> As it were, ruby-core is now talking about extracting OpenSSL into a >> separate library packaged independently from the standard distribution. >> They are not cryptographic domain experts, don't want to be responsible for >> it, and having it in the standard library limits their agility around >> incident response when security problems are discovered. >> > > Understandable. Though, packaging bindings to a mature implementation > would reduce the need for experts in Rust, and still give users the "this > is audited crypto code, use it" message. > > >> rust-crypto is a brand new implementation of a bunch of crypto which >> hasn't been well-audited. That alone should worry you. >> > > I was under the impression that rust-crypto was extra::crypto moved into a > separate library. I could be wrong. > > >> I would definitely not be a fan of a non-battle hardened crypto library >> being in core Rust. >> > > I wouldn't be either. Whichever library is used, Rust could call it > libcrypto, and I as a user can trust that it's a good library that I can > use. > > _______________________________________________ > Rust-dev mailing list > [email protected] > https://mail.mozilla.org/listinfo/rust-dev > >
_______________________________________________ Rust-dev mailing list [email protected] https://mail.mozilla.org/listinfo/rust-dev
