From: "Dmitry A. Kazakov" <mailbox@dmitry-kazakov.de>
Subject: Re: Ada for the TLS/SSL problem?
Date: Thu, 17 Mar 2016 09:14:17 +0100
Message-ID: <ncdp1b$te$1@gioia.aioe.org>
In-Reply-To: 87pouunk2g.fsf@mid.deneb.enyo.de

On 16/03/2016 23:18, Florian Weimer wrote:
> * Dmitry A. Kazakov:
>
>> On 2016-03-16 18:42, Florian Weimer wrote:
>>> * Dmitry A. Kazakov:
>>>
>>>> On 15/03/2016 21:47, Florian Weimer wrote:
>>>>> * Peter Brooks:
>>>>>
>>>>>> There are still many problems turning up with TLS authentication. It's
>>>>>> no particular surprise as even OpenSSL has been using C for this code.
>>>>>>
>>>>>> Isn't this an opportunity for Ada to really shine?
>>>>>
>>>>> It's really hard to write a good TLS implementation. Ditching C gets
>>>>> rid of just one class of issues (related to memory safety).
>>>>
>>>> At least we could have a better API. GNUTLS design is quite
>>>> uncomfortable to use in a "socket-select" environment.
>>>
>>> That's a consequence of the protocol because any write or read at the
>>> application layer can result in arbitrary sequences of reads *and*
>>> writes on the socket layer. There is just no nice way to express this
>>> in an API.
>>
>> It could have a state machine design, driven by write-ready read-ready
>> events.
>
> It's still very complicated, particularly if you want to leave buffer
> management to the caller. See Java's SSLEngine.

Yes, it is more complicated, but not for the user, who within this
framework should already provide and consume data on demand. [It would
be nice to have co-routine "tasks" in Ada to invert that, but this is
another story.]

Regarding buffer management, firstly you should need none, provided the
design were indeed event-driven.

Secondly, for security reasons you probably would not want to have any
external buffers anyway.

--
Regards,
Dmitry A. Kazakov
http://www.dmitry-kazakov.de
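
Added example, not part of the original message or of any project named in the thread: the read-ready/write-ready state-machine shape discussed above, sketched with Python's standard `ssl.MemoryBIO` and `SSLObject` rather than an Ada binding. The `TlsEngine` class, its method names and the `example.invalid` hostname are assumptions made for illustration; the point shown is that an application-layer read on a fresh connection yields no plaintext but queues a socket write.

```python
import ssl


class TlsEngine:
    """Hypothetical event-driven TLS client; names are illustrative assumptions."""

    def __init__(self, hostname):
        ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
        self.net_in = ssl.MemoryBIO()   # ciphertext received from the socket
        self.net_out = ssl.MemoryBIO()  # ciphertext waiting to be sent
        self.tls = ctx.wrap_bio(self.net_in, self.net_out,
                                server_hostname=hostname)

    def on_read_ready(self, data):
        """Socket read-ready event: feed received bytes to the engine."""
        self.net_in.write(data)

    def on_write_ready(self):
        """Socket write-ready event: take the bytes TLS has queued."""
        return self.net_out.read()

    def app_read(self, n=4096):
        """Application-layer read.

        Returns (plaintext, wants); wants names the socket events the
        caller must wait for before this read can make progress.
        """
        wants = []
        try:
            plaintext = self.tls.read(n)
        except ssl.SSLWantReadError:
            plaintext = b""
            wants.append("read-ready")
        if self.net_out.pending:
            # The read produced outbound records (here: the ClientHello).
            wants.insert(0, "write-ready")
        return plaintext, wants


def first_read():
    """A read on a fresh connection: no plaintext, but a write is queued."""
    eng = TlsEngine("example.invalid")  # constructed hostname, never resolved
    plaintext, wants = eng.app_read()
    hello = eng.on_write_ready()
    return eng, plaintext, wants, hello
```

Bytes that are not a TLS record, once fed through `on_read_ready`, make the next `app_read` raise `ssl.SSLError` instead of asking for more input, so the caller can tell a fatal protocol error from a pending event.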