[Haskell-cafe] ANNOUNCE: secure-sockets version 1.0

Thomas DuBuisson thomas.dubuisson at gmail.com
Mon Sep 6 12:38:43 EDT 2010

On Mon, Sep 6, 2010 at 9:16 AM, Thomas DuBuisson
<thomas.dubuisson at gmail.com> wrote:
> Good work Dan!

Sorry!  David.  Good work David.  Not sure where "Dan" came from.

 Would you be interested in providing a build option
> that replaces the OpenSSL dependency with something more stand-alone?
> Or does ossl perform a significant part of the TLS protocol work for
> you (vs just being used for algorithms)?
> Anyone impatient for the midnight haddocking can see the docs here:
> http://web.cecs.pdx.edu/~dubuisst/secure-sockets-1.0/html/
> Cheers,
> Thomas
> On Sun, Sep 5, 2010 at 10:26 PM, David Anderson <dave at natulte.net> wrote:
>> Hi,
>> I'm happy to announce the first release of secure-sockets, a library which
>> aims to simplify the task of communicating securely between two
>> authenticated peers.
>> --------------------------------------------
>> -- What it is
>> --------------------------------------------
>> The API mimicks that of Network.Socket, and introduces the additional notion
>> of peer identity, which is distinct from the endpoint address (host and
>> port). Connections can only be established between two peers who know and
>> expect to be communicating with each other.
>> Transport security is implicitly taken care of: an established
>> Network.Secure.Connection implies that each end of the connection
>> successfully authenticated to the other, and that they have setup strong
>> encryption for your data.
>> --------------------------------------------
>> -- What it isn't
>> --------------------------------------------
>> The library leans towards the "zero configuration" end of the spectrum, and
>> basically Just Works. This means that if you know exactly what you want and
>> need for the cipher, authentication algorithm, key type and length, key
>> exchange protocol, HMAC algorithm, rekeying intervals, random number
>> source... Then secure-sockets is not for you.
>> If on the other hand you just want to replace your current cleartext
>> "cipher" and faith-based "authentication" code with something that gives you
>> a good chance of being secure (see caveats in docs), without diving into the
>> rich madness that is full blown SSL, then you might want to take a look.
>> This library assumes that both ends of a connection are using it. The goal
>> of secure-sockets is not to allow you to connect to any SSL-enabled server,
>> or to speak a particular standard flavor of authentication protocol.
>> Internally, secure-sockets uses SSL to achieve its goals, so you might get
>> lucky if you do it just right, but that is an implementation detail. The
>> library is designed to help you easily secure communications between two
>> programs whose implementation you control, not between you and anything out
>> there.
>> --------------------------------------------
>> -- Links
>> --------------------------------------------
>> Homepage: http://secure-hs.googlecode.com/
>> Hackage page: http://hackage.haskell.org/package/secure-sockets
>> Bug tracker: http://code.google.com/p/secure-hs/issues/list
>> Code repository: https://secure-hs.googlecode.com/hg
>> --------------------------------------------
>> -- Thanks
>> --------------------------------------------
>> I'd like to thank my employer, Google. Not only did they not get mad at the
>> idea that I might want to hack on Haskell during working hours (as my "20%
>> project"), they also made it very painless for me to open source this code
>> when the time came.
>> --------------------------------------------
>> -- Questions?
>> --------------------------------------------
>> Questions, comments, suggestions and patches can be filed in the issue
>> tracker, emailed directly to me, or thrown out on haskell-cafe.
>> Hope you find this code useful!
>> - Dave
>> _______________________________________________
>> Haskell-Cafe mailing list
>> Haskell-Cafe at haskell.org
>> http://www.haskell.org/mailman/listinfo/haskell-cafe

More information about the Haskell-Cafe mailing list