On 07/29/2013 09:08 AM, Petr Pudlák wrote:
Dear Haskellers,
I wanted to write a small TLS application (connecting to IMAP over
TLS) and it seemed natural to use conduit for that. I found the
network-conduit-tls package, but then I realized it's meant only for
server applications. Is there
On 07/29/2013 10:43 AM, Michael Snoyman wrote:
I've actually been intending to add the client side code to that
package, but I simply haven't gotten around to it yet. It's actually
not that complicated, but it does require some thought on the right
interface for things like approving/rejecting
On Mon, Feb 25, 2013 at 01:30:40PM +0100, Nicolas Trangez wrote:
All,
In order to implement some network protocol clients recently, I needed
binary serialization of commands and deserialization of responses
('Command - ByteString' and 'ByteString - Response' functions,
preferably for both
On Mon, Feb 25, 2013 at 11:59:42AM -0800, Johan Tibell wrote:
- cereal can output a strict bytestring (runPut) or a lazy one
(runPutLazy), whilst binary only outputs lazy ones (runPut)
The lazy one is more general and you can use toStrict (from bytestring) to
get a strict ByteString from
On 02/23/2013 06:58 PM, C K Kashyap wrote:
The reason I want to use TLS is that I'd want to pack the whole thing in a
DLL and give it off to a friend for use.
What I am really looking for is a small sample code that demonstrates how
TLS package can be used to connect to a webserver or
On 02/23/2013 09:05 PM, Brandon Allbery wrote:
On Sat, Feb 23, 2013 at 1:58 PM, C K Kashyap ckkash...@gmail.com wrote:
What I am really looking for is a small sample code that demonstrates how
TLS package can be used to connect to a webserver or imapserver.
TLS isn't actually SSL, despite
On 02/23/2013 03:28 PM, C K Kashyap wrote:
Hi,
I am trying to use Haskell to download email/attachments from gmail. For
which I am exploring Network.TLS. I got this sample from the net that
connects to gmail smtp and works just fine -
http://hpaste.org/82890
Your example look odd,
Typically
On 02/16/2013 12:51 AM, Andrew Cowie wrote:
Windows certificate and macos X certificate are stored in a reliably
discoverable place. That openssl provide no way to get to it is a
different story and one reason to have tls.
Is talking to the Windows and Mac OS certificate stores something that
On 02/15/2013 02:05 PM, Andrew Cowie wrote:
all very nice (this being necessary because apparently the non-free
operating systems don't store their certs in a reliably discoverable
place; bummer).
Sorry the answer is out of topic, but this is not true.
Windows certificate and macos X
On Fri, Feb 01, 2013 at 01:07:33PM +0100, Christopher Done wrote:
Hey dude, it looks like we made the same project yesterday:
http://www.reddit.com/r/haskell/comments/17njda/proposal_a_trivial_cabal_package_signing_utility/
Yours is nice as it doesn't depend on GPG. Although that could be a
On 01/30/2013 07:27 PM, Edward Z. Yang wrote:
https://status.heroku.com/incidents/489
Unsigned Hackage packages are a ticking time bomb.
I agree this is terrible, I've started working on this, but this is
quite a bit of work and other priorities always pop up.
On 01/30/2013 10:48 PM, Niklas Hambüchen wrote:
You are right, I skipped over that this was actually a server-side
exploit - sure, end-to-end signing will help here.
it helps also in the HTTP case; a MiTM wouldn't be able to change the
package without knowing the private key.
more to the point
On 01/31/2013 06:27 AM, Ertugrul Söylemez wrote:
In any case there is no valid excuse for the lack of crypto. It's too
easy to attack Hackage, so we need some crypto regardless of what we
interpret it as.
My proposal is:
1. Build the necessary machinery into Cabal to allow signing keys and
On 01/31/2013 08:16 AM, Ketil Malde wrote:
*MY* proposal is that:
0. Hackage sends an email to the previous uploader whenever a new
version of a package is uploaded by somebody else.
At least that way, I would be notified if it happened to my packages,
and I would be able to check up on
On 01/31/2013 10:06 AM, Ertugrul Söylemez wrote:
Joachim Breitner m...@joachim-breitner.de wrote:
And that may even be more harmful, because an insecure system with a
false sense of security is worse than an insecure system alone.
Let's do it properly.
but don’t overengineer it either.
On 01/31/2013 08:54 AM, Alexander Kjeldaas wrote:
On Thu, Jan 31, 2013 at 9:26 AM, Vincent Hanquez t...@snarc.org wrote:
On 01/31/2013 06:27 AM, Ertugrul Söylemez wrote:
In any case there is no valid excuse for the lack of crypto. It's too
easy to attack Hackage, so we need some crypto
On Sat, Jan 26, 2013 at 07:46:04AM -0200, Thiago Negri wrote:
Do you need advice on what? I didn't understand your last phrase.
IIUC, it has to do which how to interrupt a blocking call to ncurses event
handling, from another thread (the calculation thread) to let the UI thread
refresh the UI
On Sun, Jan 20, 2013 at 08:27:07PM +0100, Alexander Kjeldaas wrote:
Regarding testing, it looks like the Tests directory hasn't been updated to
cover this bug. What would really give confidence is a set of tests
encoding fixed security vulnerabilities in OpenSSL (and similar libraries).
That
On Sun, Jan 20, 2013 at 11:01:22AM +0100, Joachim Breitner wrote:
Debian ships tls-extras 0.4.6 in what will become wheezy, and due to the
freeze upgrading to a new major upstream release is not acceptable.
Would it be possible for you to create a 0.4.6.1 with this bugfix
included?
(wow,
Hi cafe,
this is a security advisory for tls-extra 0.6.1 which are all vulnerable to
bad
certificate validation.
Some part of the certificate validation procedure were missing (relying on the
work-in-progress x509 v3 extensions), and because of this anyone with a correct
end-entity certificate
On Tue, Jan 15, 2013 at 03:27:29PM +0100, Ertugrul Söylemez wrote:
Vincent Hanquez t...@snarc.org wrote:
Yes, the performance are terrible in term of integers. As the library
is specific to public key algorithm, i just can't reasonable work on
64 bits integer :-), and multiprecision
On Mon, Jan 14, 2013 at 01:49:44PM +0100, Daniel Fischer wrote:
On Monday 14 January 2013, 12:36:22, Vincent Hanquez wrote:
On Sat, Jan 12, 2013 at 02:12:44PM +0100, Ertugrul Söylemez wrote:
I've spend some good chunk of time adding KATs and tests,
documentation, and making sure
On Sat, Jan 12, 2013 at 02:12:44PM +0100, Ertugrul Söylemez wrote:
I've spend some good chunk of time adding KATs and tests,
documentation, and making sure the performance was ahead of other
haskell implementations.
I suggest looking at Daniel Fischer's arithmoi [1] library, which
Hi Cafe,
I've recently released crypto-pubkey [1][2], which provide a comprehensive
solution for public key cryptography.
Most known RSA modes (PKCS15, OAEP, PSS) are supported, and there's also DSA
and ElGamal signature support. Most of the code originally lived in
cryptocipher,
but have now
On 01/11/2013 11:34 PM, Joachim Breitner wrote:
nice. But in the interest of possible users: Is there a reason why this
code could not live in cryptocipher? Do we need multiple implementations
of the cyphers, and expect our users to find out for themselves why to
use one or the other?
The
On 12/13/2012 12:51 PM, Michael Snoyman wrote:
I think that's a great idea. I just implemented this on PackDeps:
http://packdeps.haskellers.com/licenses
As with all features on that site, I'll be happy to deprecate it as
soon as Hackage incorporates the feature in the future.
awesome
On 11/28/2012 09:31 PM, Leon Smith wrote:
Quite possibly, entropy does seem to be a pretty lightweight
dependency...
Though doesn't recent kernels use rdrand to seed /dev/urandom if it's
available? So /dev/urandom is the most portable source of random
numbers on unix systems, though
Hi Cafe,
with the approval of Niklas, the original author and maintainer, i'll be
maintaining language-java for now. I've uploaded a new version on
hackage [1] with some minor improvements and the repository is now
hosted on github [2].
Thanks Niklas for language-java !
[1]
On 11/27/2012 06:46 PM, Alfredo Di Napoli wrote:
Thanks for the effort!
Now, what about some documentation? :P
Sure ! Fork away, and send pull requests :-)
--
Vincent
___
Haskell-Cafe mailing list
Haskell-Cafe@haskell.org
On 11/23/2012 08:19 AM, Silvio Frischknecht wrote:
i recently found the convertible package
Thanks. quite a cool package, I'll probably use it in the future for
some of my programs.
Not sure that's appropriate for my cases unfortunately.
--
Vincent
Hi cafe,
I've been adding lots of types recently that looks more or less like:
newtype A = A ByteString
data B = B ByteString
This is great for extra type safety and letting the compiler do its job,
however getting the bytestring back requires boiler plate.
At the moment either you
On 11/22/2012 03:42 PM, kudah wrote:
Why not use
http://hackage.haskell.org/packages/archive/newtype/0.2/doc/html/Control-Newtype.html
instead?
interesting i didn't know about it, however it's seems relatively
unknown (can't find any library on hackage that use it) and just like
Serialize
On 11/14/2012 09:53 AM, Ivan Lazar Miljenovic wrote:
% cabal install virthualenv
Resolving dependencies...
cabal: Could not resolve dependencies:
trying: virthualenv-0.2.1
rejecting: base-3.0.3.2, 3.0.3.1 (global constraint requires installed
instance)
rejecting:
On 11/06/2012 09:33 PM, Ben Franksen wrote:
Hi Everyone
I want to implement a binary protocol that, unfortunately, has some
alignment restrictions.
[snip]
Cheers
Hi Ben,
I don't think such thing currently exists.
Not sure that's any help to you (and definitely not answering your
binary
On 08/24/2012 04:20 PM, marcmo wrote:
You have done quite some work on the crypto front...cool!
since you are the owner of cryptocipher and your new package cipher-aes:
is cryptocipher now deprecated?
cryptocipher itself is not deprecated as it contains much more than just AES.
The haskell
On 08/24/2012 01:47 PM, marcmo wrote:
In my day job I currently need to deal with a lot of cryptographic processing.
For the tests I need to perform various cryptographic functions in haskell.
these include:
* AES Encryption/Decryption (CBC-Mode)
* RSA Public Key Encryption/Decryption
*
On 07/21/2012 05:12 PM, C Gosch wrote:
Hi Cafe,
and then the server says
(AlertLevel_Fatal,UnexpectedMessage)
I'm not sure whether the ServerHelloDone should happen when resuming.
Does anyone have a hint what may be going wrong?
I am using TLS10 and the tls package with version 0.9.6.
Hi
On 07/23/2012 06:54 PM, . wrote:
I just modified TLS locally on my system
to export SessionID and SessionData, and set the session callbacks to
storing/retrieving the session data from a Map.
After that, the resumption appears to work :-D
Thanks a lot for that hint!
Is that the way it's meant to
On 05/04/2012 01:35 AM, Thomas DuBuisson wrote:
Vincent has done great work for Haskell+Crypto so I think he knows I
mean nothing personal when I say cprng-aes has the right idea done the
wrong way. Why a new effort vs Vincent's package?
1. cprng-aes is painfully slow.
when using the haskell
On 05/04/2012 04:56 AM, Thomas DuBuisson wrote:
On May 3, 2012 5:49 PM, Ertugrul Söylemez e...@ertes.de mailto:e...@ertes.de
wrote:
Thomas DuBuisson thomas.dubuis...@gmail.com
mailto:thomas.dubuis...@gmail.com wrote:
I can't really tell whether the first two points are true.
On 05/04/2012 02:37 PM, Ryan Newton wrote:
My end goal is to have the user use transparently the fastest
implementation available to their architecture/cpu providing they use the
high level module. I've uploaded the cpu package which allows me to detect
at runtime the aes
On 05/04/2012 02:33 PM, Ryan Newton wrote:
1. cprng-aes is painfully slow.
when using the haskell AES implementation yes. with AESNI it fly, and even
more when
i'll have time to chunk the generation to bigger blocks (says 128 AES
block at a time)
One data-point -- in
On 05/04/2012 03:05 PM, Thomas DuBuisson wrote:
Vincent uses gcc header files to get the AES instructions:
Header files of:
#includewmmintrin.h
#includetmmintrin.h
And later calls of:
x = _mm_aesenc_si128(m, K1);
But currently you must know you have AESNI and use a flag:
On 05/04/2012 03:18 PM, Brandon Allbery wrote:
On Fri, May 4, 2012 at 10:11 AM, Vincent Hanquez t...@snarc.org
mailto:t...@snarc.org wrote:
For the language, i think assembly is a no-no with cabal, as such it need
to be embedded in gcc inline assembly if you want to have something
On 04/24/2012 09:46 PM, Jeff Shaw wrote:
Hello,
Up until now I've been using Aeson, but I've found that its number type isn't
going to work for me. I need to use decimal numbers while avoiding conversions
from and to Double, which Aeson doesn't allow. There are quite a few more JSON
libraries
On 04/17/2012 04:05 AM, John Goerzen wrote:
Dmitry others,
Attached is a diff implementing TLS support for haskell-xmpp, and correcting a
build failure.
The support is rough but it seems to work so far.
It's a bid sad but gnutls is GPL-3 and haskell-xmpp BSD3, rendering the
combination
Hi Cafe,
Is there a way to have (some) cabal flags to autoconfigure themselves ?
For example, a SSE flag, i want the configure to default to on
when the building machine has SSE instruction available, and default
to off otherwise.
(of course, it wouldn't affect the user ability to override the
On 03/13/2012 10:33 PM, Johan Tibell wrote:
value = Bin 1 (Bin 2 Leaf Leaf) (Bin 3 Leaf Leaf)
I'm usually using the following snippet which is a tweak of the gshow function
from syb.
However everything need to be a member of Data/Typeable, and also list are not
particularly well handled with
On 02/16/2012 08:21 PM, Magnus Therning wrote:
On Thu, Feb 16, 2012 at 09:51, Kazu Yamamotok...@iij.ad.jp wrote:
Hello,
eagletmt implemented a Vim plugin for ghc-mod:
https://github.com/eagletmt/ghcmod-vim
Happy Haskell programming on Vim!
Thank you for pointing this out on the
On 01/24/2012 07:33 AM, Gregory Crosswhite wrote:
On 1/24/12 9:43 AM, Felipe Almeida Lessa wrote:
Use cereal [1], usually it's fast and easy enough.
Out of curiosity, is binary no longer the recommended standard for such things?
binary got only an interface for processing lazy bytestring.
On 01/19/2012 08:14 AM, Gregory Collins wrote:
Speaking of the migration issue; it should be possible to have an
enumerator - conduit wrapper library to help people continue to use
their enumerator-based code for awhile (and vice-versa).
A bit out of topic and definitely not answering the
On 01/19/2012 03:22 AM, Erik de Castro Lopo wrote:
Michael Snoyman wrote:
However, WAI and Warp are mostly ready now, just needing a bit more
testing. If people want to give me some feedback on the readiness
of them, and would like them released earlier, I'm definitely
flexible.
On 01/16/2012 08:28 PM, Myles C. Maxfield wrote:
Hello!
[snip]
Hi Myles,
I'm going to echo Felipe and Erik's comments, and think you'ld have a better
time porting Network.Browser on top of http-enumerator (now called
http-conduit). Looking at it quickly, it doesn't seems too difficult to
On 01/08/2012 04:12 AM, Aristid Breitkreuz wrote:
Why? I don't actually need the hash object for anything, usually. All
I need is the ByteString, and then I need to learn how to use the
cereal package to get it...
The whole rationale i believe, is having meaningful types associated to your
On 01/08/2012 02:35 PM, Aristid Breitkreuz wrote:
To use the hash, I have to convert it to a ByteString, and then I
suddenly have lost all this safety. I don't really see how there is
any real safety gained.
Using the hash and carrying it around are two different things. You don't get
any
On 01/07/2012 04:21 PM, Aristid Breitkreuz wrote:
Yeah and that's annoying IMHO. :)
It's not really important though.
What would you prefer ?
At the moment, i'm inclined to someday move cryptohash apis to be similar to
crypto-api. i.e. from a result type being a bytestring to an opaque
On 11/27/2011 04:27 AM, Michael Snoyman wrote:
Hi all,
tl;dr: randomIV is now much faster, API is the same, upgrade ASAP to
avoid painful slowdowns.
Version 0.7 of clientsession brought with it a much enhanced
encryption and hashing algorithm, courtesy of Felipe Lessa. Beginning
with this
On 11/22/2011 05:22 AM, Jeremy Shaw wrote:
I think the artwork is nice, but I am not sure that a lamb is an
appropriate mascot for Haskell.
snip
I disagree as well. I think you're looking too much into what a mascot should
means; looking at others mascot, linux's tux, freebsd's demon, go lang's
On 11/16/2011 01:01 AM, heathmatlock wrote:
I liked Go's mascot, and I figure it couldn't hurt to have our own. I spent
the past hour making this:
http://i.imgur.com/Mib6Q.png
awesome. It's really nice,
--
Vincent
___
Haskell-Cafe mailing list
On 11/02/2011 09:51 AM, Eugene Kirpichov wrote:
Hi Claude,
I suspected that the issue could be about unsafe foreign imports - all imports
in the cairo bindings are safe.
I compiled myself a version of cairo bindings with the rectangle and fill
functions marked as unsafe.
Unfortunately that
On 11/02/2011 10:10 AM, Eugene Kirpichov wrote:
Oh. This is pretty crazy, I wonder what they're doing with GMP so much...
I modified the Haskell program to use cairo directly, even with safe calls,
and it now takes the same time as the C program.
yep, i ended up doing the exact same thing
On 10/20/2011 08:27 PM, Bas van Dijk wrote:
Hello,
I've a small patch[1] that updates the rss package to the latest
versions of its dependencies. (I'm trying to get the new
hackage-server to build on ghc-7.2.1)
However Bjorn Bringert told me he's no longer maintaining the package.
He asked me
On 10/18/2011 01:30 AM, Conrad Parker wrote:
And I often work with mixed text/binary data (eg. text annotations in
video streams). I'd want the Show/Read instances to be in the form of
a hexdump with char representation alongside (like xxd or od -xc
output). It roundtrips well, so why not? :-)
On 10/04/2011 11:07 PM, Jason Dagit wrote:
On Tue, Oct 4, 2011 at 2:15 PM, Vincent Hanquezt...@snarc.org wrote:
Any comments welcome,
Nice! Have you looked at Petr Rockai's hashed-storage?
http://hackage.haskell.org/package/hashed-storage-0.5.8
i heard about it before, but i don't know
On 10/05/2011 01:58 AM, Conrad Parker wrote:
Hi Vincent,
great stuff!
I've also got an in-progress toy git clone called ght:
http://github.com/kfish/ght. It only reads, no write support and no
revspec parsing. I tried to keep close to the git design, using mmap
and Ptr-based binary search to
Hi Haskellers,
I just want to announce the hit project [1], which is a reimplementation of low
level git operations to read *AND* write to a git repository. It support reading
from anything i threw at it (loose objects, packed objects, deltas), a subset of
revisions specifier (man
On 09/27/2011 11:54 PM, Thomas DuBuisson wrote:
The crypto-api test modules have been split out into their own
package, crypto-api-tests. Additionally, the tests now use the
test-framework package. This should make it much easier for
hash/cipher maintainers to integrate into their existing
On 09/22/2011 02:00 AM, Felipe Almeida Lessa wrote:
On Wed, Sep 21, 2011 at 5:19 PM, Vincent Hanquezt...@snarc.org wrote:
Also, it seems that cryptohash's Skein is currently broken. The skein
package comes with the golden KATs sent by the Skein team to the
NIST, and passes everything. OTOH,
On 09/21/2011 05:01 PM, Felipe Almeida Lessa wrote:
I'm aware of cryptohash. I just went through the lazy route of
binding to the C library instead of implementing those UBI details =).
hehe, fair enough. :-)
It would be nice to merge and have everything on cryptohash though.
And I guess
On 09/21/2011 03:53 AM, Felipe Almeida Lessa wrote:
Hello!
I'm pleased to announce the first version of the skein package [1]!
Skein is a family of fast secure cryptographic hash functions [2].
The skein package provides high-level bindings (using crypto-api [3])
to the optimized Skein C
On Sat, Aug 13, 2011 at 10:56:49AM -0500, Tristan Ravitch wrote:
I've wanted a slightly fancier status bar than xmobar for a while, so
I finally made one. It uses gtk2hs and dbus extensively, so if you
hate either of those things it probably isn't for you. Being written
in gtk, though, it
On 06/17/2011 10:00 AM, Dmitri O.Kondratiev wrote:
Hi,
I try to parse csv file with Text.CSV, like this:
import Text.CSV
import System
main = do
[inpFileName] - getArgs
putStrLn (Parsing ++inpFileName++...)
let result = parseCSVFromFile inpFileName
print result
=== As a
On Thu, May 05, 2011 at 11:56:42AM +0200, Peter Simons wrote:
Hi Matthew,
While I haven't investigated myself, from seeing haskell build processes
in the past this is almost certainly not crypto-api's fault and is in
fact your linker's fault. If you are not using it already, try
On 04/26/2011 10:17 PM, Charles-Pierre Astolfi wrote:
Hi -cafe,
Did anybody managed to install haskellnet from hackage with ghc7?
I tried on windows and mac and I get the following type error:
[ 4 of 11] Compiling Network.HaskellNet.SMTP (
Network/HaskellNet/SMTP.hs,
On Sat, Mar 05, 2011 at 08:51:59PM +0100, Bas van Dijk wrote:
Hello,
I like to turn my Haskell program into a unix daemon. One of the steps
in daemonizing a process is to fork it then exit the parent and
continue with the child. All this is nicely abstracted in
hdaemonize[1] which
On Thu, Feb 17, 2011 at 07:30:23PM +0100, Henning Thielemann wrote:
Do you think it is paranoid? Unfortunately it has become quite common to
ignore SSH warnings because admins often do not care about restoring
keys when updating the operating system or moving the machine, even not
telling
On Tue, Feb 15, 2011 at 11:49:16PM -0200, Diego Souza wrote:
Hi,
thanks for the feedbacks. They sound very reasonable.
Going back in time, the first version was in fact a pure library.
However, at some point I changed this as I thought it would make it
easier to use, which might have been
On Tue, Feb 15, 2011 at 10:42:57AM -0800, Jeremy Fitzhardinge wrote:
And since I'm still trying to get my head around enumerators, I may have
that aspect of things completely wrong. I haven't even tried running
any of this yet, so I don't know if I've made any non-type errors.
Am I even
On Fri, Feb 04, 2011 at 08:00:24AM +0200, Michael Snoyman wrote:
Hi everyone,
Does anyone else have trouble installing the AES package on a 32-bit
system? My system at home installs it just fine, but my VPS chokes
with the following error messages (plus a bunch of warnings):
On Fri, Feb 04, 2011 at 06:11:38AM +, Daniel Peebles wrote:
Knowing nothing about the package or its code, it looks like a typo to me.
The stdint.h naming of types would have it be uint64_t, not uint_64t. Could
that be it?
While it does indeed solve the problem, technically the whole code
On Tue, Dec 14, 2010 at 11:41:29AM +0100, Mads Lindstrøm wrote:
Hi Vincent,
I got it to work :) But there seems to be some bugs in the Haskell
server certificate handling. It seems that TLS do not transfer the ST
(state, as in California) parameter in the X509 subject field. It also
seems
On Tue, Dec 14, 2010 at 10:24:29PM +0100, Florian Weimer wrote:
* Mads Lindstrøm:
I got it to work :) But there seems to be some bugs in the Haskell
server certificate handling. It seems that TLS do not transfer the ST
(state, as in California) parameter in the X509 subject field. It also
On Tue, Dec 14, 2010 at 09:21:48PM +0100, Mads Lindstrøm wrote:
Hi Haskeleers,
[snip]
It seems to me that a general SSL implementation should not preclude
asynchronous servers. I know, the TLS package is not more than a few
months old and one can already use it for SSL servers and clients,
On Sun, Dec 12, 2010 at 08:13:59PM +0100, Mads Lindstrøm wrote:
Hi Haskellers,
I am trying to connect a Java client to a Haskell server using the
Haskell tls package, and things are not working out for me. There is a
lot of steps involved and I do not know what I am doing wrong, so this
On 08/12/10 20:25, Luke Palmer wrote:
I could upload a new version of mtl if I wanted. Plenty of people
would install it.
Correct me if i'm wrong; You would appear in the UploadedBy, and then
you might be challenged by the traditional uploaders or attentive users
(most users wouldn't know
On 08/12/10 10:41, Ketil Malde wrote:
Yes. And you should start with assessing how much cost and
inconvenience you are willing to suffer for the improvement in
security you gain. In this case, my assertion is that the marginal
worsening of security by having a mirror of hackage even without
On 09/12/10 07:01, Tony Morris wrote:
I teach haskell quite a lot. I recommend using .ghci files in projects.
Today I received complaints about the fact that ghci will reject .ghci
if it is group-writeable. I didn't offer an opinion on the matter. I am
wondering if these complaints have
On Thu, Dec 09, 2010 at 10:45:39PM +1100, Ivan Lazar Miljenovic wrote:
On 9 December 2010 20:55, Vincent Hanquez t...@snarc.org wrote:
You might have misunderstood what I was talking about. I'm proposing signing
on the hackage server on reception of the package,
where it can be verified
On 08/12/10 08:13, Ketil Malde wrote:
My apologies for not expressing myself more clearly. What I mean is
that currently, Hackage has a ton of users, each of whom may at whim
upload a new version of any library. It's not clear to me that security
is significantly worsened by adding a mirror.
I would really like mirrors too.
But before that happens it would be nice to have signed packages on
Hackage, preventing
a mirror to distribute compromised stuff (intentionally or unintentionally).
--
Vincent
___
Haskell-Cafe mailing list
On Sat, Oct 09, 2010 at 12:53:17PM +0100, Maciej Piechotka wrote:
I don't think I quite follow. Could you explain?
sorry for beeing confusing. I meant something like a pure iteratee interface,
so that you get the marshalled data to send in a bytestring format, and then
you can decide yourself
On Mon, Oct 11, 2010 at 09:06:45AM +0100, Sittampalam, Ganesh wrote:
While I agree with the potential benefits, I also worry that you will
end up making something that is far less well tested in practice. For
widely used and fairly low-level libraries like gnutls, openssl and
zlib, I'm just
On Fri, Oct 08, 2010 at 12:54:48PM +0100, Sittampalam, Ganesh wrote:
What's the motivation for this?
Well, I wanted to have a tls/ssl module that integrate nicely with haskell.
until then the 2 solutions were:
- shelling out to curl: that's not great, usually works until you have an
error, and
On Fri, Oct 08, 2010 at 02:08:29PM +0200, Christopher Done wrote:
Indeed. Easier to install, easier to hack on (for Haskellers). Haskell
program coverage, debugging, extending your quickcheck tests, etc.
absolutely.
I'm certainly hoping to quickcheck all that is quickcheckable. The next thing
, if you want me to rename it though, as I can't really
think of a better name.
--
Vincent Hanquez
___
Haskell-Cafe mailing list
Haskell-Cafe@haskell.org
http://www.haskell.org/mailman/listinfo/haskell-cafe
to an external program.
--
Vincent Hanquez
___
Haskell-Cafe mailing list
Haskell-Cafe@haskell.org
http://www.haskell.org/mailman/listinfo/haskell-cafe
On Fri, Oct 08, 2010 at 08:47:39AM +0200, Michael Snoyman wrote:
By the way, a native zlib implementation would definitely go on my
wishlist. Any takers? ;)
Me too ! that's the only thing that prevented me from adding the compression
layer to TLS. as such it's on my todo list, but really really
On Thu, Oct 07, 2010 at 12:29:51AM +0200, Christopher Done wrote:
On 6 October 2010 23:26, Vincent Hanquez t...@snarc.org wrote:
I'ld like to announce the tls package [1][2], which is a native
implementation
of the TLS protocol, client and server. It's currently mostly supporting
SSL3
with probable API changes on the way.
[1] http://github.com/vincenthz/hs-tls
[2] http://hackage.haskell.org/package/tls
--
Vincent Hanquez
___
Haskell-Cafe mailing list
Haskell-Cafe@haskell.org
http://www.haskell.org/mailman/listinfo/haskell-cafe
On Wed, Jul 14, 2010 at 11:43:45AM -0700, Thomas DuBuisson wrote:
Vincent said:
couple of comments around the hashes interface:
* updateCtx works on blockLength, instead of working on arbitrary size...
So for performance reasons you seem to prefer Semantics 1.2?
1.2 Multiple of
1 - 100 of 110 matches
Mail list logo