Simple SSL/TLS - Some Questions
Jill Ramonsky
Jill.Ramonsky at aculab.com
Tue Oct 7 05:11:16 EDT 2003
Comments inlined below
> -----Original Message-----
> From: Ian Grigg [mailto:iang at systemics.com]
> Sent: Monday, October 06, 2003 10:35 PM
> To: Jill Ramonsky
> Cc: cryptography at metzdowd.com; hadmut at danisch.de; ekr at rtfm.com
> Subject: Re: Simple SSL/TLS - Some Questions
>
> The only question I wasn't quite sure of
> was whether, if I take your code, and modify it,
> can I distribute a binary only version, and keep
> the source changes proprietary?
You can't distribute a binary only version of ANY crypto product,
surely? No crypto product can EVER be trustworthy unless you can see the
source code and verify that it has no back doors, and then compile it.
Unless you give your users the power to inspect the source code, and
/know/ that it is the source code (because they can actually compile it
and run the resulting executable) then you could have put all sorts of
back doors into it. You could have added password theft, key escrow, who
knows what?
Don't get me wrong. I agree with you that crypto has enough barriers
already, and I would like to produce something that is as freely
distributable as possible. "For the masses" crypto is, I guess, an
unwritten design goal. But allowing people to hide the crypto source
from crypto users would allow the bad guys (you can define your own bad
guys) to produce Trojan Horse crypto. Closed source crypto is to all
intents worthless. (In my opinion). Please feel free to argue that I'm
wrong.
> My own philosophy has always been that crypto has
> enough barriers on it already, so it should not
> add any more personality quirks than necessary,
> hence preference for BSD two clause. Mind you,
> such a statement is a personality quirk, so you
> be your own judge.
Eek. Was my paragraph above a personality quirk? I thought it was a
sound cryptographic principle.
> Names are really hard. I'd defer that one until
> it pops out.
I agree. But ruling them out is easy. We've already ruled out EasyTLS,
GnuTLS and Pretty Good TLS. That's narrowing things down. Top of the
list currently is TLS++, but that kindof implies it won't work with C.
(This will actually be true for the prototype, but not, I hope, true
indefinitely). I think I'll stick with that for now until a better one
comes up.
> Q: Does your employer have any say or comment
> on this project? Might be wise to clear up the
> posture, and either get it in writing, or make
> the repository public from the git-go. Many an
> open source project has foundered when the boss
> discovered that it works...
It has absolutely nothing whatsoever to do with my employer. All my code
will be written at home in my spare time, and uploaded to CVS or
whatever also from home. It is true that I happen to be sending this
email from work, but even that's in my own time. I don't see how they
have any say. To be /really/ safe, I'd be happy to always post to this
list only from home, but right now I don't think it's a problem.
How do I go about changing the email address with which I'm a member of
this list?
Jill
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list