Note from a donor
codephantom
me at noyb.com
Wed Oct 25 23:37:37 UTC 2017
On Wednesday, 25 October 2017 at 22:46:27 UTC, Adam Wilson wrote:
> Even .NET Framework and Core forward to the highly vetted
> system crypto API's (SChannel on Windows and OpenSSL on
> Linux/macOS). If you need RSA crypto in D, pull in OpenSSL.
> Period. Everything else is a good way to run afoul of a
> security audit, and potentially expose yourself.
>
> Phobos could forward to these system provided API's like .NET
> does and provide an idiomatic D interface, but Phobos itself
> should absolutely and 110% stay out of the crypto
> implementation business.
I agree. D just needs an interface to Encryption providers.
I cannot see how anyone would consider anything other than a
provider model, for something that is so highly complex and
specialised.
More information about the Digitalmars-d
mailing list