Qt Cryptographic Architecture

Marc Mutz Marc.Mutz at uni-bielefeld.de
Wed Jan 7 20:08:32 GMT 2004

On Wednesday 07 January 2004 02:10, George Staikos wrote:
>    Ok this is basically what I started to implement as well.  It is
> generally useful, but we don't really have enough need for this yet
> IMHO.  We should keep your implementation in mind for the time when
> we do.
>    Some other notes:
>    - Using OpenSSL should be avoided for hash and cipher plugins
> because it's very big and expensive to load

...and illegal to link against from GPL'ed programs...

>    - As far as KDE is concerned right now, we basically only use MD5,
> with a couple of bits of code using SHA-1, and one place using
> Blowfish.  This is why it's not worth loading a full crypto
> architecture yet.  Eventually it will be very useful though.

I would advise against reimplementing functionality found elsewhere in 
proven code, esp. if it has nothing at all to do with GUIs. In this 
case, I'd expect any such implementation to be a thin wrapper around 
libgcrypt, the latter being the cryptographic core of GnuPG extracted 
into a library (a LGPL one, I might add). The more so as gnutls and 
gsasl both use it already for their cryptography needs and I for one 
will make kdesasl a thin wrapper around gsasl in 


It has become fashionable in the post Cold War world to label
opponents as terrorists [...]. By doing so, the authorities instill
within society a culture of fear, leading people to accept that their
rights (and the rights of others) be trampled on for the sake of the
common good. In other words, it justifies the loss of privacy and a
state of surveillance they would otherwise not accept. Both communism
and fascism were examples of this technique used to perfection.
                  -- John Horvath: The Internet: A Terrorist Network?
                     Telepolis 2001/08/22 (#9350)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: signature
URL: <http://mail.kde.org/pipermail/kde-core-devel/attachments/20040107/63b96412/attachment.sig>

More information about the kde-core-devel mailing list