[Haskell-cafe] ANNOUNCE: secure-sockets version 1.0
David Anderson
dave at natulte.net
Mon Sep 6 01:26:27 EDT 2010
Hi,
I'm happy to announce the first release of secure-sockets, a library which
aims to simplify the task of communicating securely between two
authenticated peers.
--------------------------------------------
-- What it is
--------------------------------------------
The API mimicks that of Network.Socket, and introduces the additional notion
of peer identity, which is distinct from the endpoint address (host and
port). Connections can only be established between two peers who know and
expect to be communicating with each other.
Transport security is implicitly taken care of: an established
Network.Secure.Connection implies that each end of the connection
successfully authenticated to the other, and that they have setup strong
encryption for your data.
--------------------------------------------
-- What it isn't
--------------------------------------------
The library leans towards the "zero configuration" end of the spectrum, and
basically Just Works. This means that if you know exactly what you want and
need for the cipher, authentication algorithm, key type and length, key
exchange protocol, HMAC algorithm, rekeying intervals, random number
source... Then secure-sockets is not for you.
If on the other hand you just want to replace your current cleartext
"cipher" and faith-based "authentication" code with something that gives you
a good chance of being secure (see caveats in docs), without diving into the
rich madness that is full blown SSL, then you might want to take a look.
This library assumes that both ends of a connection are using it. The goal
of secure-sockets is not to allow you to connect to any SSL-enabled server,
or to speak a particular standard flavor of authentication protocol.
Internally, secure-sockets uses SSL to achieve its goals, so you might get
lucky if you do it just right, but that is an implementation detail. The
library is designed to help you easily secure communications between two
programs whose implementation you control, not between you and anything out
there.
--------------------------------------------
-- Links
--------------------------------------------
Homepage: http://secure-hs.googlecode.com/
Hackage page: http://hackage.haskell.org/package/secure-sockets
Bug tracker: http://code.google.com/p/secure-hs/issues/list
Code repository: https://secure-hs.googlecode.com/hg
--------------------------------------------
-- Thanks
--------------------------------------------
I'd like to thank my employer, Google. Not only did they not get mad at the
idea that I might want to hack on Haskell during working hours (as my "20%
project"), they also made it very painless for me to open source this code
when the time came.
--------------------------------------------
-- Questions?
--------------------------------------------
Questions, comments, suggestions and patches can be filed in the issue
tracker, emailed directly to me, or thrown out on haskell-cafe.
Hope you find this code useful!
- Dave
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.haskell.org/pipermail/haskell-cafe/attachments/20100906/104c19a8/attachment.html
More information about the Haskell-Cafe
mailing list