Choosing an implementation language

Thor Lancelot Simon tls at rek.tjls.com
Fri Oct 3 17:35:46 EDT 2003


On Fri, Oct 03, 2003 at 04:31:26PM -0400, Tyler Close wrote:
> On Thursday 02 October 2003 09:21, Jill Ramonsky wrote:
> > I was thinking of doing a C++ implementation with classes and
> > templates and stuff.  (By contrast OpenSSL is a C
> > implementation). Anyone got any thoughts on that?
> 
> Given the nature of recent, and past, bugs discovered in the
> OpenSSL implementation, it makes more sense to implement in a
> memory-safe language, such as python, java or squeak. Using a VM

I strongly disagree.  While an implementation in a typesafe language
would be nice, such implementations are already available -- one's
packaged with Java, for instance.

From my point of view, the starting point of this discussion could be
restated as "The world needs a simple, portable SSL/TLS implementation 
that's not OpenSSL, because the size and complexity of OpenSSL has been 
responsible for slowing the pace of SSL/TLS deployment and for a large 
number of security holes."

For practical purposes, if such an implementation is to be useful to
the majority of the people who would use it to build products in the
real world, it needs to be in C or _possibly_ C++; those are the only
languages for which compilers *and* runtime environments exist
essentially everywhere.  Coming from a background building routers and
things like routers, I can also tell you that if you're going to
require carrying a C++ runtime around, a lot of people building embedded
devices will simply not give you the time of day.

An implementation in a safe language would be _nice_, but religion
aside (please!) it's a cold hard fact that very few products that
people actually use are written in such languages -- if you leave Java
(which already has an SSL implementation) out, "very few" becomes
"essentially zero".  And if we're interested in improving the security
of not only our pet projects, but of the interconnected world in
general, it seems to me that producing a good, simple, comprehensible,
small implementation *and getting it into as many products as possible*
would be one of the better possible goals to work towards.

Thor

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com


