From: Shark8 <OneWingedShark@gmail.com>
Subject: Re: Ada's ranking of popularity at IEEE Spectrum
Date: Thu, 10 Jul 2014 19:15:30 -0600
Date: 2014-07-10T19:15:30-06:00 [thread overview]
Message-ID: <PUGvv.122132$Xu4.53303@fx14.iad> (raw)
In-Reply-To: <lpnad1$gl7$1@dont-email.me>
On 10-Jul-14 18:16, Simon Clubley wrote:
> On 2014-07-10, Marius Amado-Alves <amado.alves@gmail.com> wrote:
>>> My current number one example: implementing OpenSSL in Ada is exactly
>>> the kind of thing Ada would be good at. Unfortunately, it's also not
>>> practical.
>>
>> On the contrary, it would be very practical to have AWS working well with SSL...
>> I was never able to do that on Windows.
>> AWS is a great lib, but horrible at installing.
>
> A requirement behind rewriting OpenSSL would be to enable it's use in
> _all_ the operating systems and platforms which currently use OpenSSL.
> If this isn't the case, your replacement is destined to remain a niche
> and generally forgotten product. It would also need to be compatible
> with OpenSSL's API.
What is the cost of writing an API compatibility layer compared to that
of a formally verified implementation of SSL? What is the difficulty
level of presenting the SSL-implementation in a manner that conforms to
OpenSSL's API?
>
> While I focused on OpenSSL in my comments, Ada (as a language) would
> also be a good choice for replacing the client side SSL libraries such
> as Firefox's use of NSS.
If the effort to implement the protocol with formal verification is
made, then it only makes sense to do both client and server
implementations -- the tests for each would of necessity use the other.
>
> Unfortunately the same issues apply here because unless your SSL client
> library replacement can operate in all the same environments as the C
> language library it would replace, then it's destined to remain a niche
> and forgotten product.
>
> Simon.
>
Ridiculous -- even without availability on *every* system a secure SSL
implementation would be welcome in servers by businesses concerned w/
security.
As an example, the formally verified DNS Ironsides was usable even when
it did not support the recursive form of DNS -- now that it handles both
the authoritative and recursive forms there is little to prevent
adoption by [small] businesses. (I know of one semi-locally that'll be
switching over, says the BIND configuration he has now is rather complex
and finicky.)
next prev parent reply other threads:[~2014-07-11 1:15 UTC|newest]
Thread overview: 53+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-07-06 15:19 Ada's ranking of popularity at IEEE Spectrum Dan'l Miller
2014-07-06 16:25 ` gautier_niouzes
2014-07-06 17:18 ` Dan'l Miller
2014-07-06 18:03 ` Ludovic Brenta
2014-07-06 19:03 ` Dan'l Miller
2014-07-06 19:41 ` Ludovic Brenta
2014-07-07 7:03 ` Tero Koskinen
2014-07-06 22:15 ` Brad Moore
2014-07-07 13:14 ` Peter Chapin
2014-07-07 14:27 ` Dan'l Miller
2014-07-09 15:01 ` Brad Moore
2014-07-10 7:42 ` Maciej Sobczak
2014-07-10 13:56 ` Peter Chapin
2014-07-10 18:18 ` Nasser M. Abbasi
2014-07-10 18:30 ` Nasser M. Abbasi
2014-07-11 4:55 ` theanalogmachine
2014-07-11 11:56 ` G.B.
2014-07-07 8:37 ` Brian Drummond
2014-07-06 19:41 ` sbelmont700
2014-07-08 17:25 ` Shark8
2014-07-08 23:03 ` sbelmont700
2014-07-08 23:30 ` Jeffrey Carter
2014-07-09 0:29 ` sbelmont700
2014-07-09 2:30 ` Shark8
2014-07-27 2:01 ` David Thompson
2014-07-27 20:19 ` sbelmont700
2014-07-28 3:53 ` Dan'l Miller
2014-07-07 0:17 ` Simon Clubley
2014-07-07 1:17 ` Nasser M. Abbasi
2014-07-07 6:11 ` Simon Wright
2014-07-07 6:30 ` Georg Bauhaus
2014-07-07 9:04 ` Brian Drummond
2014-07-07 13:33 ` Simon Wright
2014-07-07 16:11 ` Brian Drummond
2014-07-10 19:49 ` Marius Amado-Alves
2014-07-10 20:19 ` Shark8
2014-07-10 21:39 ` björn lundin
2014-07-10 22:54 ` Shark8
2014-07-11 7:26 ` Dmitry A. Kazakov
2014-07-11 7:37 ` Maciej Sobczak
2014-07-11 9:32 ` björn lundin
2014-07-12 21:43 ` Marius Amado-Alves
2014-07-13 8:52 ` björn lundin
2014-07-11 0:16 ` Simon Clubley
2014-07-11 0:40 ` Jeffrey Carter
2014-07-11 1:15 ` Shark8 [this message]
2014-07-11 7:03 ` Simon Clubley
2014-07-08 20:10 ` gautier_niouzes
2014-07-10 13:30 ` Gerd
2014-07-10 15:14 ` Shark8
2014-07-10 19:16 ` Jeffrey Carter
2014-07-11 2:17 ` Dennis Lee Bieber
2014-07-11 0:39 ` gvdschoot
replies disabled
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox