From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me
X-Spam-Level: 
X-Spam-Status: No, score=-0.3 required=5.0 tests=BAYES_00,
	REPLYTO_WITHOUT_TO_CC autolearn=no autolearn_force=no version=3.4.4
X-Google-Thread: 103376,29d8139471e3f53e
X-Google-NewGroupId: yes
X-Google-Attributes: gida07f3367d7,domainid0,public,usenet
X-Google-Language: ENGLISH,ASCII-7-bit
Path: 
 g2news1.google.com!news4.google.com!feeder.news-service.com!kanaga.switch.ch!switch.ch!news.belwue.de!newsfeed.ision.net!newsfeed2.easynews.net!ision!newsfeed.arcor.de!newsspool3.arcor-online.net!news.arcor.de.POSTED!not-for-mail
From: "Dmitry A. Kazakov" <mailbox@dmitry-kazakov.de>
Subject: Re: Securing type extensions
Newsgroups: comp.lang.ada
User-Agent: 40tude_Dialog/2.0.15.1
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Reply-To: mailbox@dmitry-kazakov.de
Organization: cbb software GmbH
References: <87iq2bfenl.fsf@mid.deneb.enyo.de>
	<87y6b7cedd.fsf@mid.deneb.enyo.de>
	<66a3704c-54f9-4f04-8860-aa12f516134b@t3g2000vbb.googlegroups.com>
	<87d3sib44t.fsf@mid.deneb.enyo.de>
	<134q4k2ly2pf4$.17nlv1q6q5ivo.dlg@40tude.net>
	<4c8dec8e$0$6990$9b4e6d93@newsspool4.arcor-online.net>
	<epkb3s8dfxk0$.1qdvo5vg2fsgh.dlg@40tude.net>
	<4c8e3f44$0$6769$9b4e6d93@newsspool3.arcor-online.net>
 <m2wrqplfq9.fsf@pushface.org>
 <4c8e87f8$0$6877$9b4e6d93@newsspool2.arcor-online.net>
 <kkmggyjwewu0.1x2hs43s6afbe$.dlg@40tude.net>
 <4c8f4833$0$6763$9b4e6d93@newsspool3.arcor-online.net>
 <2ka8sfdvyvil.1k714obgzgj3a.dlg@40tude.net>
 <4c8fe6ad$0$6759$9b4e6d93@newsspool3.arcor-online.net>
 <1dd5fjdnyl5ek.1ju0bvot51loy.dlg@40tude.net>
 <4c9130f6$0$7656$9b4e6d93@newsspool1.arcor-online.net>
 <1rzqpilsu35mh.dzxeefhdmt1s.dlg@40tude.net>
 <4c920504$0$6767$9b4e6d93@newsspool3.arcor-online.net>
 <9d43s5gucfe8.1llq6tdbd4e0h.dlg@40tude.net>
 <4c9283cc$0$6977$9b4e6d93@newsspool4.arcor-online.net>
Date: Thu, 16 Sep 2010 23:37:38 +0200
Message-ID: <got40q2d7jdy$.1tqapit9ardma$.dlg@40tude.net>
NNTP-Posting-Date: 16 Sep 2010 23:37:36 CEST
NNTP-Posting-Host: 2a7f8a7b.newsspool3.arcor-online.net
X-Trace: 
 DXC=g=24fVC8Y35;]cDoEWD6A4McF=Q^Z^V384Fo<]lROoR18kF<OcfhCO;T`HEQ_c?<<2[6LHn;2LCV>[<mhadbfdU;R`WjfNnbKY9bNG8E3SiKP6
X-Complaints-To: usenet-abuse@arcor.de
Xref: g2news1.google.com comp.lang.ada:14128
Date: 2010-09-16T23:37:36+02:00
List-Id: <comp.lang.ada>

On Thu, 16 Sep 2010 22:53:32 +0200, Georg Bauhaus wrote:

> On 9/16/10 2:45 PM, Dmitry A. Kazakov wrote:
> 
>>> Party X made a library, L, of O-O types, abstract or not.
>>> Party Y extends a type in L, say T
>>>
>>> I'm talking about how X and Y can trust each other before
>>> X licenses the library and before Y writes an extension.
>>
>> They need not.
> 
> OK, each party to a legal contract may chose to not care
> about the consequences of joining untrusted partners in software.

You missed the point, there is no such relation between specification
(class of L) and implementation (member of the class). There is one between
a client and the provider of an implementation.

> Yet you enumerate reassuring language facilities of Ada,
> noting that static analysis frees you from all concerns? Do I
> understand correctly?

It frees me from certain concerns.

> This is where lawyers, sales people, engineers, support
> staff, and customers spend a lot of their time.  They give
> effective meaning to the sentences. This is where trust
> is generated.

Generated trust does not free me from the concerns above. Moreover it makes
me more concerned about where the catch was.

>> If only signatures could make programs working...
> 
> The purpose of signatures put under a software contract
> is to express something related to trust and mistrust.
> Typically, there is a sentence like "we cannot be held
> responsible for ... the usual stuff you have in software.
> But otherwise, ...".

I see, when you sign up to a no-warranty software licensing agreement that
generates a huge amount of trust! Not to me, I know they swindled me again.

>>> When you pay, or don't pay, this is easily measured.
>>
>> Measured what? Do you trust Microsoft?
> 
> Programmers trust Microsoft's Visual Studio to basically function
> as they would expect, and to help them achieve their programming
> goals.

Do *you* trust Microsoft?

As for Visual Studio I wonder if you ever used it. Did you hear anything
about manifest files? The latest MS joke is that the new Visual Studio does
not compile for Windows 9x/me/NT things, which were compilable before. The
single thing you can trust in is that the next version will have absolutely
different interface and incompatible project files.

>>> Psychology, politics, ambition and money are undoubtably parts of
>>> SW engineering, steering the decisions. They are essential to
>>> engineering in general.
>>
>> As a framework they are. That does not make them engineering.
> 
> Of course, if you define engineering to be tautologically not anything
> but some idealized clean room acting by the book, a standard to strive for,
> then whatever makes real engineers' hands move cannot have an influence on
> their produce.  Do you mean the immaculate ideal of engineering, and not
> the engineering we have, perhaps?

It is not about qualities of engineering, it is about what it is what it is
not. Engineering is applying science to solving technical problems.

-- 
Regards,
Dmitry A. Kazakov
http://www.dmitry-kazakov.de