Migrating Qt Crytpographic Architecture to KDE CVS

George Staikos staikos at kde.org
Wed Sep 29 14:05:46 BST 2004

On Tuesday 28 September 2004 10:44, Thiago Macieira wrote:
> George Staikos wrote:
> >On Tuesday 28 September 2004 10:03, Jason Keirstead wrote:
> >> On September 28, 2004 09:21 am, George Staikos wrote:
> >> >   KSSL and QCA have almost nothing in common besides being code and
> >> > having a loose relationship to cryptography algorithms.
> >>
> >> I know, thats the great part.
> >
> >   Well then how do you envision QCA to replace KSSL?  It's impossible...
> > At best you could replace one class in KSSL, KOpenSSL.
> The idea is to keep the KSSL front-end (GUI, KSSLSettings, KSSLSession,
> KSSLPCKS12), while exchanging the back-end to the more-flexible QCA. That
> way, we won't be tied to OpenSSL, since it's just a matter of writing a
> plugin for a new back-end.

   Basically a replacement for KOpenSSL.  This is what I proposed many times 
in the past (see for instance kde-core-devel archives).  It was not welcomed 
by most people, though I do agree that once something can be proven to be 
functionally equivalent to OpenSSL (including bug-compatibility!), it would 
be very nice to replace it.

> Another part to be replaced is the socket part of KSSL with a new class as
> well.

   Well it was designed with KIO's design in mind.  I think it's most 
important to keep the KIO (TCPSlaveBase) portion easy to use, functional, and 
bug free.  It's always possible to make another class parallel to KSSL for 
use in other applications.  That's not the hard part though.  The hard part 
is the big mess of a certificate check algorithm in TCPSlaveBase...

> QCA doesn't handle the certificate database, for instance -- that's our
> job.

   That was mostly my point.  That's most of the code in KSSL too.

George Staikos
KDE Developer				http://www.kde.org/
Staikos Computing Services Inc.		http://www.staikos.net/

More information about the kde-core-devel mailing list