Open Source (was Simple SSL/TLS - Some Questions)

Wed Oct 8 09:22:51 EDT 2003

Too late. I've already started. Besides which, posts on this group 
suggest that there is a demand for such a toolkit.

Also, I have a lot of interest in SSL/TLS, and no interest whatsoever in 
IPsec. I believe I am a competent programmer, but the fact is, if you 
want me to write something in my own spare time, something for which I'm 
not being paid, then I'm afraid I do require the subject to interest and 
inspire me.

But I am at least putting my money where my mouth is. I'm doing 
something, not merely talking about it. It may be months before I have 
anything to show off, but that day will come soon enough. And even 
within the confines of the subject of SSL/TLS I'm sure there will be 
people saying "don't do this, do that". Asking me to change /everything/ 
and start again from scratch is unrealistic.

I can only suggest that if you believe there is a need for an IPsec 
library, you might consider picking up a C/C++ compiler and starting to 
code it. Or if that's not your field of expertise, you could ask this 
list for volunteers. But asking someone who's /already/ volunteered for 
something to drop what they volunteered for and do something else 
instead is ... well ... a strategy which is unlikely to succeed, to put 
it politely. I am sorry about that, but I really want to do TLS++ (it 
has a name now, although the name can obviously change). And if it turns 
out that I'm wrong, and those who encouraged me are also wrong, and 
there is no big demand for "Simple-to-use SSL/TLS" after all, then I 
don't care - because _I_ want to use it, and that, to me, is the most 
important demand of all.

Of course, you could always offer to pay me more than my current 
employer, then I'd write anything you wanted!
Jill (Apologetically)

 > -----Original Message-----
 > From: pgut001 at cs.auckland.ac.nz [mailto:pgut001 at cs.auckland.ac.nz]
 > Sent: Wednesday, October 08, 2003 1:57 PM
 > To: arcanejill at ramonsky.com; cryptography at metzdowd.com;
 > iang at systemics.com; rsalz at datapower.com
 > Subject: RE: Open Source (was Simple SSL/TLS - Some Questions)
 >
 >
 > Rich Salz <rsalz at datapower.com> writes:
 >
 > I would add to this the observation that rather than writing
 > yet another SSL
 > library to join the eight hundred or so already out there, it
 > might be more
 > useful to create a user-friendly management interface to
 > IPsec implementations
 > to join the zero or so already out there.  The difficulty in
 > setting up any
 > IPsec tunnel is what's been motivating the creation of (often
 > insecure) non-
 > IPsec VPN software, so what'd be a lot more helpful than (no
 > offense, but) yet
 > another SSL implementation is some means of making IPsec easier to use
 > (although that may not be possible... OK, let's say "less
 > painful to use" :-).
 >
 > Peter.
 >

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com