[Haskell-cafe] SSL support for hackage and cabal

Donn Cave donn at avvanta.com
Sun Nov 3 17:02:06 UTC 2013

Quoth Johan Tibell,
[ ... Re Haskell TLS implementation ]

> True. Although to be honest I want something true and tested when it comes
> to crypto.

Don't believe in security by obscurity?  

How strongly do you feel about the cross platform and dependency issues?

When I needed SSL encryption, I whipped up a little module with foreign
calls to OpenSSL.  For an ordinary client, which is all I use it for any
more, it's a simple interface -- init, connect, read, write, a couple
error functions.  I have to link -lssl -lcrypto.  The great thing about
this is, not only do I have a high degree of confidence in the implementation,
I don't expect it to _ever_ change in a way that will inconvenience me.
If my application ever needs to work on a platform with a different SSL,
just need a new module with init/connect/write etc.

Does that seem like a possibility, just write minimal interfaces to
existing platform standard SSL implementations, and move on to more
interesting problems?  Or is this really an area with interesting problems
of its own that I'm missing?


More information about the Haskell-Cafe mailing list