Call for Next Security Meeting

Gelareh_Taban · February 21, 2017, 8:00pm

Hi all,

We are almost ready to finally start coding in the security group, so Get
Involved!

Here is the poll for the next security meeting, some time next week.
(Please be generous with your availability so we include as many people as
possible in the meetings.)
http://doodle.com/poll/tagg6ekezvamn556

Some of the items on the agenda will be, discussing and finalizing:
- Proposal to send to Swift Evolution:

github.com

swift-server/security/blob/master/README.md

# Status

:warning: This project is unmaintained experimental legacy code. It has been obsoleted by [swift-nio-ssl](https://github.com/apple/swift-nio-ssl) which contains the recommended TLS API of the [Swift Server Work Group](https://swift.org/server/).

It remains here for historical interest only.

# Introduction

Currently there is no standard Swift security library that is compatible with all of the current Swift platforms (Apple and Linux). This lack of standardization has resulted in multiple projects which either write their own Swift security functionality or use their security library of choice (be it OpenSSL, LibreSSL, etc.).  This is not desirable because it can lead to:
- incompatibility of dependencies if more that one security package is needed by different modules (a project cannot have both OpenSSL and LibreSSL in its dependency graph)
- insecurity (using an unpatched or insecure library)
- unmaintainability (using non-standard or non-native libraries)
- more complex code (using different APIs for each platform).

This proposal outlines a set of design goals as well as an approach to be adopted by the Swift Server APIs project's Security Working Group for the creation of a single Swift security component that is cross-compatible on Apple and Linux (Ubuntu) platforms. The Security APIs will consist of both lower level crypto APIs (including hashing, symmetric and asymmetric crypto) as well as higher level APIs (including key/certificate management and secure communication such as TLS).

# Motivation

Having a consistent development experience for Swift across Apple and Linux helps drive higher developer productivity, safer code as well as better reuse of Swift assets/libraries across these platforms.

This file has been truncated. show original

- Who and how to get involved in development
- Process of Server Security API proposals, development, testing and
release
- Our next steps
- Planning of regular upcoming meetings

Please update the initial agenda if you have other items to discuss:

Regards,
Gelareh