Hi, I've been wondering about the state of cryptography in haskell. Not so much in the sense of "what libraries are out there?", but rather about the question what crpyto and IT security people think about ideas like rewriting something as OpenSSL in haskell. I know it can be technically done, but are there any remarks in this area that are important for practical security? For example, some people think that it can be dangerous to implement something like this in high-level languages (e.g. java which was vulnerable to timing attacks). Of course I think haskell can do a lot for us to make things safer: * type safety * referential transparency * explicit knowledge about side-effects and which kind ... But that doesn't tell me if it introduces new pitfalls/attack-vectors for practical cryptography implementations. -- Regards, Julian Ospald