Re: Thoughts about library contexts

2019-02-18 Thread Richard Levitte
On Mon, 18 Feb 2019 11:17:45 +0100, Matt Caswell wrote: > At the moment OPENSSL_CTX is implemented using CRYPTO_EX_DATA. An alternative > implementation approach would be that the struct is internally transparent and > is just a bucket of stuff (without using CRYPTO_EX at all). I guess the reason

Re: Thoughts about library contexts

2019-02-18 Thread Tim Hudson
On Mon, Feb 18, 2019 at 8:36 PM Matt Caswell wrote: > > > On 18/02/2019 10:28, Tim Hudson wrote: > > It should remain completely opaque. > > As a general rule, I've never seen a context where someone regretted > making a > > structure opaque over time, but the converse is not true. > > This is

Re: Thoughts about library contexts

2019-02-18 Thread Matt Caswell
On 18/02/2019 10:28, Tim Hudson wrote: > It should remain completely opaque. > As a general rule, I've never seen a context where someone regretted making a > structure opaque over time, but the converse is not true. > This is opaque and should remain opaque. > We need the flexibility to adjust

Re: Thoughts about library contexts

2019-02-18 Thread Tim Hudson
It should remain completely opaque. As a general rule, I've never seen a context where someone regretted making a structure opaque over time, but the converse is not true. This is opaque and should remain opaque. We need the flexibility to adjust the implementation at will over time. For anything

Re: Thoughts about library contexts

2019-02-18 Thread Matt Caswell
On 18/02/2019 01:38, Michael Richardson wrote: > > Paul Dale wrote: > > Library contexts are going to allow us to separate different portions > of the > > TLS/cryptographic activity within one application. No problems, here. > This > > seems like a useful and worthwhile idea. It

Re: Thoughts about library contexts

2019-02-18 Thread Michael Richardson
Paul Dale wrote: > Library contexts are going to allow us to separate different portions of the > TLS/cryptographic activity within one application. No problems, here. This > seems like a useful and worthwhile idea. It will e.g. be a way to separate > FIPS and non-FIPS streams

Re: Thoughts about library contexts

2019-02-18 Thread Richard Levitte
On Sun, 17 Feb 2019 23:18:08 +0100, Paul Dale wrote: > Library contexts are going to allow us to separate different portions of the > TLS/cryptographic > activity within one application. No problems, here. This seems like a > useful and worthwhile > idea. It will e.g. be a way to separate

Thoughts about library contexts

2019-02-17 Thread Paul Dale
Library contexts are going to allow us to separate different portions of the TLS/cryptographic activity within one application. No problems, here. This seems like a useful and worthwhile idea. It will e.g. be a way to separate FIPS and non-FIPS streams nicely. I've a reservation about