Quoth Johan Tibell, [ ... Re Haskell TLS implementation ]
True. Although to be honest I want something true and tested when it comes to crypto.
Don't believe in security by obscurity? How strongly do you feel about the cross platform and dependency issues? When I needed SSL encryption, I whipped up a little module with foreign calls to OpenSSL. For an ordinary client, which is all I use it for any more, it's a simple interface -- init, connect, read, write, a couple error functions. I have to link -lssl -lcrypto. The great thing about this is, not only do I have a high degree of confidence in the implementation, I don't expect it to _ever_ change in a way that will inconvenience me. If my application ever needs to work on a platform with a different SSL, just need a new module with init/connect/write etc. Does that seem like a possibility, just write minimal interfaces to existing platform standard SSL implementations, and move on to more interesting problems? Or is this really an area with interesting problems of its own that I'm missing? Donn