[Haskell-cafe] SSL support for hackage and cabal

Scott Lawrence bytbox at gmail.com
Sun Nov 3 09:48:59 UTC 2013

One could argue that the potential for a false sense of security could make 
(very) bad encryption worse than no encryption.

Personally, I've always been a bit uncomfortable with the small number of 
widely-used implementations (AFAIK OpenSSL and GnuTLS combined account for 
pretty much all TLS-using open-source software), and I think pushing another 
one into wider usage would be a good thing (while acknowledging that it's 
likely more vulnerable than the older implementations).

On Sun, 3 Nov 2013, John Wiegley wrote:

>>>>>> Johan Tibell <johan.tibell at gmail.com> writes:
>> True. Although to be honest I want something true and tested when it comes
>> to crypto.
> Although in this case, the worst scenario is that we return to parity with the
> status quo (i.e., the security lib is worthless and we revert back to having
> no security).
> -- 
> John Wiegley
> FP Complete                         Haskell tools, training and consulting
> http://fpcomplete.com               johnw on #haskell/irc.freenode.net
> _______________________________________________
> Haskell-Cafe mailing list
> Haskell-Cafe at haskell.org
> http://www.haskell.org/mailman/listinfo/haskell-cafe

Scott Lawrence

More information about the Haskell-Cafe mailing list