Matt England, lead designer at Cleversafe here, following up on this thread:
http://www.mail-archive.com/dev-tech-crypto@lists.mozilla.org/msg00775.html
some of which is copied below.
Yes, we gladly use Mozilla's NSS. It provides the necessary licensing we
require for our GPL- and commercial-based dual licenses of our
software. We had previously integrated with OpenSSL's stuff, but switched
to NSS because it is more GPL friendly (even though we kept the
OpenSSL-interfacing code in our trunk, we now exclusively build with the
NSS interface). And while I don't work directly with the networking module
of Cleversafe's software which embeds NSS, I have not heard any complaints
from the developers that do (namely Jason Resch and Wesley Leggette, as was
noted originally in the NSS email thread on Cleversafe), and that's
typically a good thing.
We do have some technical questions generated from our integrating the NSS
libraries with our stuff; I'll send those in a separate email or
emails. More comments to this thread follow.
Bob Relyea on Mon, 21 Aug 2006 17:53:49 -0700 wrote:
http://svn.cleversafe.org/dscore/trunk/common/src/libds-util/util/encryption/
Unfortunately their higher level API consists of key blobs, so they can't
easily convert to something like using keys on smart cards (or even in the
NSS database).
I would like us (Cleversafe) to evaluate supporting a more-general API to
support keys/smart-cards/database/etc if it makes sense to do so. I'll be
putting this evaluation on our todo list (Wesley will most likely be
checking into it). We welcome any further details/pointers to help us with
this evaluation and possible integration (assuming it has not been done
since Bob's above comment). We'd like to get our interfaces right before
we go into beta.
Also note, for what it's worth:
http://cleversafe.org/wiki/DSAPI
DSAPI = Dispersed Storage API.
An aside: Cleversafe has long-term thoughts of enabling some of Mozilla's
applications/modules with native Dispersed-Storage capability (eg, enabling
Firefox to be a native client, at least in a read-only sense to read
"ds://" URIs that point to assets on a dispersed-storage service/grid much
the same way that browsers can be native bit-torrent clients); please ask
if you're interested in more details. For now, Cleversafe is focused on
maturing its software and associated storage services to a Beta level of
quality.
-Matt
Dispersed Storage: http://cleversafe.org
Bob Relyea on Mon, 21 Aug 2006 17:53:49 -0700 wrote:
Nelson Bolyard wrote:
Frank Hecker wrote:
From Slashdot I found this New York Times story
http://www.nytimes.com/2006/08/21/technology/21storage.html
on Cleversafe, an open source project to develop a dispersed data
storage system to store data in encrypted form using an "m of n"
recovery technique:
http://www.cleversafe.org/
Besides the general idea, I found it interesting that they're using NSS
as part of their product. (In fact, someone from Cleversafe was on this
forum a while ago asking questions about static linking of NSS.) Also
note that they're using NSS code under the GPL licensing option.
Frank, Where did you find any mention of NSS in all that stuff?
I looked briefly but didn't find any.
http://svn.cleversafe.org/dscore/trunk/common/src/libds-util/util/encryption/
Unfortunately their higher level API consists of key blobs, so they can't
easily convert to something like using keys on smart cards (or even in the
NSS database).
bob
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
