
On Sun, Dec 17, 2006 at 15:43:27 +0300, Bulat Ziganshin wrote:
> Hello Magnus,
>
> Friday, December 15, 2006, 7:26:41 PM, you wrote:
>
>> When reading this[1] I couldn't help thinking that rewriting GPG is an excellent opportunity for using Haskell to have an impact on the world.
>
> Haskell can't provide fast execution speed unless a very low-level programming style is used (which is much harder to do in Haskell than in C, see one of my last messages for example) AND the jhc compiler is used.

You are right, of course, speed may be an issue. However, I believe that in implementing something like GPG correctness is a whole lot more important than speed. If the speed of a pure Haskell implementation is a problem then it's always possible to implement a few critical pieces in C.

As it stands now GPG is written in C and only C. All large bodies of source have security problems; C is notorious for being "difficult" in regard to security. A pure Haskell (or at least as pure as possible) would

1. Contain fewer lines of code. Less code means less code that may contain security issues.
2. Avoid security issues due to interference between features. Many a security issue has sprung from unintended interference, or assumptions, in (global) state.
3. Be garbage-collected; memory allocation is a source of many security issues.
4. Push type safety a _lot_ further than C can. No pointer arithmetic, no string-as-a-pointer-to-a-char, no implicit type conversion, no accidental mixing of signed and unsigned types (correct me if I'm wrong here), ...

There is of course the possibility that Haskell would bring a whole slew of yet-to-be-determined security issues. I doubt it will be worse than C though.

/M

--
Magnus Therning (OpenPGP: 0xAB4DFBA4)
magnus@therning.org
Jabber: magnus.therning@gmail.com
http://therning.org/magnus