Crypto as part of the core libraries


(Travis Beech) #1

I would like to propose that basic crypto be part of the core libraries of swift. It seems a large oversight that this isn’t a core part of the runtime. Many if not all modern languages provide the ability to perform hashing, encryption, certificates, etc. out of the box.

I believe that any serious app developer should be encrypting their customer’s data client side; and with the Swift runtime today, I cannot write a pure Swift app without having to resort to bridging into the CommonCrypto C library. While this works, in my view, this is a hack used to bridge the gap of missing functionality. I also don’t think developers should be using libraries they find out on Github or other places. While the developers of those projects may have the best of intentions, I think it best that functionality of this sort come from the language runtime itself, that is part of the core libraries out of the box.

As Swift looks to move beyond just iOS/OS X, crypto will become an ever increasingly important aspect of the core libraries such AES and RSA encryption, HMAC SHA1/256 hashing, etc.

Thank you,

Travis Beech | Principal Developer | Unwired Revolution
Optimizing Operations for Mobile and Distributed Systems


(Tony Parker) #2

Hi Travis,

I think the best path for projects to become part of the corelibs “umbrella” is to start them off as community-driven, and once they have gained enough momentum we should consider folding them into the core distribution.

This provides a lot of key benefits. Most importantly, the new project will have clear ownership and responsibility. We need to make sure that the right people are there to represent its interests to the larger Swift effort. Also, we’ll know who to talk to to deal with general issues like keeping it up to date with language changes, integrating it with CI, considering API changes, etc.

- Tony

···

On Apr 14, 2016, at 3:53 PM, Travis Beech via swift-corelibs-dev <swift-corelibs-dev@swift.org> wrote:

I would like to propose that basic crypto be part of the core libraries of swift. It seems a large oversight that this isn’t a core part of the runtime. Many if not all modern languages provide the ability to perform hashing, encryption, certificates, etc. out of the box.

I believe that any serious app developer should be encrypting their customer’s data client side; and with the Swift runtime today, I cannot write a pure Swift app without having to resort to bridging into the CommonCrypto C library. While this works, in my view, this is a hack used to bridge the gap of missing functionality. I also don’t think developers should be using libraries they find out on Github or other places. While the developers of those projects may have the best of intentions, I think it best that functionality of this sort come from the language runtime itself, that is part of the core libraries out of the box.

As Swift looks to move beyond just iOS/OS X, crypto will become an ever increasingly important aspect of the core libraries such AES and RSA encryption, HMAC SHA1/256 hashing, etc.

Thank you,

Travis Beech | Principal Developer | Unwired Revolution
Optimizing Operations for Mobile and Distributed Systems
_______________________________________________
swift-corelibs-dev mailing list
swift-corelibs-dev@swift.org
https://lists.swift.org/mailman/listinfo/swift-corelibs-dev


(Travis Beech) #3

Tony,

How is that achieved? Or what kicks off that community-driven process?

Travis Beech | Principal Developer | Unwired Revolution
Optimizing Operations for Mobile and Distributed Systems

···

From: <anthony.parker@apple.com<mailto:anthony.parker@apple.com>> on behalf of Tony Parker <anthony.parker@apple.com<mailto:anthony.parker@apple.com>>
Date: Friday, April 15, 2016 at 9:02 AM
To: Travis Beech <tbeech@unwiredrevolution.com<mailto:tbeech@unwiredrevolution.com>>
Cc: "swift-corelibs-dev@swift.org<mailto:swift-corelibs-dev@swift.org>" <swift-corelibs-dev@swift.org<mailto:swift-corelibs-dev@swift.org>>
Subject: Re: [swift-corelibs-dev] Crypto as part of the core libraries

Hi Travis,

I think the best path for projects to become part of the corelibs “umbrella” is to start them off as community-driven, and once they have gained enough momentum we should consider folding them into the core distribution.

This provides a lot of key benefits. Most importantly, the new project will have clear ownership and responsibility. We need to make sure that the right people are there to represent its interests to the larger Swift effort. Also, we’ll know who to talk to to deal with general issues like keeping it up to date with language changes, integrating it with CI, considering API changes, etc.

- Tony

On Apr 14, 2016, at 3:53 PM, Travis Beech via swift-corelibs-dev <swift-corelibs-dev@swift.org<mailto:swift-corelibs-dev@swift.org>> wrote:

I would like to propose that basic crypto be part of the core libraries of swift. It seems a large oversight that this isn’t a core part of the runtime. Many if not all modern languages provide the ability to perform hashing, encryption, certificates, etc. out of the box.

I believe that any serious app developer should be encrypting their customer’s data client side; and with the Swift runtime today, I cannot write a pure Swift app without having to resort to bridging into the CommonCrypto C library. While this works, in my view, this is a hack used to bridge the gap of missing functionality. I also don’t think developers should be using libraries they find out on Github or other places. While the developers of those projects may have the best of intentions, I think it best that functionality of this sort come from the language runtime itself, that is part of the core libraries out of the box.

As Swift looks to move beyond just iOS/OS X, crypto will become an ever increasingly important aspect of the core libraries such AES and RSA encryption, HMAC SHA1/256 hashing, etc.

Thank you,

Travis Beech | Principal Developer | Unwired Revolution
Optimizing Operations for Mobile and Distributed Systems
_______________________________________________
swift-corelibs-dev mailing list
swift-corelibs-dev@swift.org<mailto:swift-corelibs-dev@swift.org>
https://lists.swift.org/mailman/listinfo/swift-corelibs-dev


(Tony Parker) #4

Hi Travis,

Someone will need to step up and lead the project. Is that you? =)

Personally, I’m hoping that the structure of the Swift Package Manager will really encourage people to create new frameworks, and give them the tools they need to distribute for use by many developers. That will be a great incubation area for these kinds of ideas.

- Tony

···

On Apr 15, 2016, at 9:04 AM, Travis Beech <tbeech@unwiredrevolution.com> wrote:

Tony,

How is that achieved? Or what kicks off that community-driven process?

Travis Beech | Principal Developer | Unwired Revolution
Optimizing Operations for Mobile and Distributed Systems

From: <anthony.parker@apple.com <mailto:anthony.parker@apple.com>> on behalf of Tony Parker <anthony.parker@apple.com <mailto:anthony.parker@apple.com>>
Date: Friday, April 15, 2016 at 9:02 AM
To: Travis Beech <tbeech@unwiredrevolution.com <mailto:tbeech@unwiredrevolution.com>>
Cc: "swift-corelibs-dev@swift.org <mailto:swift-corelibs-dev@swift.org>" <swift-corelibs-dev@swift.org <mailto:swift-corelibs-dev@swift.org>>
Subject: Re: [swift-corelibs-dev] Crypto as part of the core libraries

Hi Travis,

I think the best path for projects to become part of the corelibs “umbrella” is to start them off as community-driven, and once they have gained enough momentum we should consider folding them into the core distribution.

This provides a lot of key benefits. Most importantly, the new project will have clear ownership and responsibility. We need to make sure that the right people are there to represent its interests to the larger Swift effort. Also, we’ll know who to talk to to deal with general issues like keeping it up to date with language changes, integrating it with CI, considering API changes, etc.

- Tony

On Apr 14, 2016, at 3:53 PM, Travis Beech via swift-corelibs-dev <swift-corelibs-dev@swift.org <mailto:swift-corelibs-dev@swift.org>> wrote:

I would like to propose that basic crypto be part of the core libraries of swift. It seems a large oversight that this isn’t a core part of the runtime. Many if not all modern languages provide the ability to perform hashing, encryption, certificates, etc. out of the box.

I believe that any serious app developer should be encrypting their customer’s data client side; and with the Swift runtime today, I cannot write a pure Swift app without having to resort to bridging into the CommonCrypto C library. While this works, in my view, this is a hack used to bridge the gap of missing functionality. I also don’t think developers should be using libraries they find out on Github or other places. While the developers of those projects may have the best of intentions, I think it best that functionality of this sort come from the language runtime itself, that is part of the core libraries out of the box.

As Swift looks to move beyond just iOS/OS X, crypto will become an ever increasingly important aspect of the core libraries such AES and RSA encryption, HMAC SHA1/256 hashing, etc.

Thank you,

Travis Beech | Principal Developer | Unwired Revolution
Optimizing Operations for Mobile and Distributed Systems
_______________________________________________
swift-corelibs-dev mailing list
swift-corelibs-dev@swift.org <mailto:swift-corelibs-dev@swift.org>
https://lists.swift.org/mailman/listinfo/swift-corelibs-dev


(Travis Beech) #5

Tony,

I would be more than happy to step and lead the project as security in general is something that I’m very passionate about.

Travis Beech | Principal Developer | Unwired Revolution
Optimizing Operations for Mobile and Distributed Systems

···

From: <anthony.parker@apple.com<mailto:anthony.parker@apple.com>> on behalf of Tony Parker <anthony.parker@apple.com<mailto:anthony.parker@apple.com>>
Date: Friday, April 15, 2016 at 9:10 AM
To: Travis Beech <tbeech@unwiredrevolution.com<mailto:tbeech@unwiredrevolution.com>>
Cc: "swift-corelibs-dev@swift.org<mailto:swift-corelibs-dev@swift.org>" <swift-corelibs-dev@swift.org<mailto:swift-corelibs-dev@swift.org>>
Subject: Re: [swift-corelibs-dev] Crypto as part of the core libraries

Hi Travis,

Someone will need to step up and lead the project. Is that you? =)

Personally, I’m hoping that the structure of the Swift Package Manager will really encourage people to create new frameworks, and give them the tools they need to distribute for use by many developers. That will be a great incubation area for these kinds of ideas.

- Tony

On Apr 15, 2016, at 9:04 AM, Travis Beech <tbeech@unwiredrevolution.com<mailto:tbeech@unwiredrevolution.com>> wrote:

Tony,

How is that achieved? Or what kicks off that community-driven process?

Travis Beech | Principal Developer | Unwired Revolution
Optimizing Operations for Mobile and Distributed Systems

From: <anthony.parker@apple.com<mailto:anthony.parker@apple.com>> on behalf of Tony Parker <anthony.parker@apple.com<mailto:anthony.parker@apple.com>>
Date: Friday, April 15, 2016 at 9:02 AM
To: Travis Beech <tbeech@unwiredrevolution.com<mailto:tbeech@unwiredrevolution.com>>
Cc: "swift-corelibs-dev@swift.org<mailto:swift-corelibs-dev@swift.org>" <swift-corelibs-dev@swift.org<mailto:swift-corelibs-dev@swift.org>>
Subject: Re: [swift-corelibs-dev] Crypto as part of the core libraries

Hi Travis,

I think the best path for projects to become part of the corelibs “umbrella” is to start them off as community-driven, and once they have gained enough momentum we should consider folding them into the core distribution.

This provides a lot of key benefits. Most importantly, the new project will have clear ownership and responsibility. We need to make sure that the right people are there to represent its interests to the larger Swift effort. Also, we’ll know who to talk to to deal with general issues like keeping it up to date with language changes, integrating it with CI, considering API changes, etc.

- Tony

On Apr 14, 2016, at 3:53 PM, Travis Beech via swift-corelibs-dev <swift-corelibs-dev@swift.org<mailto:swift-corelibs-dev@swift.org>> wrote:

I would like to propose that basic crypto be part of the core libraries of swift. It seems a large oversight that this isn’t a core part of the runtime. Many if not all modern languages provide the ability to perform hashing, encryption, certificates, etc. out of the box.

I believe that any serious app developer should be encrypting their customer’s data client side; and with the Swift runtime today, I cannot write a pure Swift app without having to resort to bridging into the CommonCrypto C library. While this works, in my view, this is a hack used to bridge the gap of missing functionality. I also don’t think developers should be using libraries they find out on Github or other places. While the developers of those projects may have the best of intentions, I think it best that functionality of this sort come from the language runtime itself, that is part of the core libraries out of the box.

As Swift looks to move beyond just iOS/OS X, crypto will become an ever increasingly important aspect of the core libraries such AES and RSA encryption, HMAC SHA1/256 hashing, etc.

Thank you,

Travis Beech | Principal Developer | Unwired Revolution
Optimizing Operations for Mobile and Distributed Systems
_______________________________________________
swift-corelibs-dev mailing list
swift-corelibs-dev@swift.org<mailto:swift-corelibs-dev@swift.org>
https://lists.swift.org/mailman/listinfo/swift-corelibs-dev


(Travis Beech) #6

I guess I need to RTFM the docs on the swift evolution process. I’ll start there. :slight_smile:

Travis Beech | Principal Developer | Unwired Revolution | c: 1 (209) 535-5357
Optimizing Operations for Mobile and Distributed Systems

···

From: <swift-corelibs-dev-bounces@swift.org<mailto:swift-corelibs-dev-bounces@swift.org>> on behalf of Travis Beech via swift-corelibs-dev <swift-corelibs-dev@swift.org<mailto:swift-corelibs-dev@swift.org>>
Reply-To: Travis Beech <tbeech@unwiredrevolution.com<mailto:tbeech@unwiredrevolution.com>>
Date: Friday, April 15, 2016 at 9:12 AM
To: Tony Parker <anthony.parker@apple.com<mailto:anthony.parker@apple.com>>
Cc: "swift-corelibs-dev@swift.org<mailto:swift-corelibs-dev@swift.org>" <swift-corelibs-dev@swift.org<mailto:swift-corelibs-dev@swift.org>>
Subject: Re: [swift-corelibs-dev] Crypto as part of the core libraries

Tony,

I would be more than happy to step and lead the project as security in general is something that I’m very passionate about.

Travis Beech | Principal Developer | Unwired Revolution
Optimizing Operations for Mobile and Distributed Systems

From: <anthony.parker@apple.com<mailto:anthony.parker@apple.com>> on behalf of Tony Parker <anthony.parker@apple.com<mailto:anthony.parker@apple.com>>
Date: Friday, April 15, 2016 at 9:10 AM
To: Travis Beech <tbeech@unwiredrevolution.com<mailto:tbeech@unwiredrevolution.com>>
Cc: "swift-corelibs-dev@swift.org<mailto:swift-corelibs-dev@swift.org>" <swift-corelibs-dev@swift.org<mailto:swift-corelibs-dev@swift.org>>
Subject: Re: [swift-corelibs-dev] Crypto as part of the core libraries

Hi Travis,

Someone will need to step up and lead the project. Is that you? =)

Personally, I’m hoping that the structure of the Swift Package Manager will really encourage people to create new frameworks, and give them the tools they need to distribute for use by many developers. That will be a great incubation area for these kinds of ideas.

- Tony

On Apr 15, 2016, at 9:04 AM, Travis Beech <tbeech@unwiredrevolution.com<mailto:tbeech@unwiredrevolution.com>> wrote:

Tony,

How is that achieved? Or what kicks off that community-driven process?

Travis Beech | Principal Developer | Unwired Revolution
Optimizing Operations for Mobile and Distributed Systems

From: <anthony.parker@apple.com<mailto:anthony.parker@apple.com>> on behalf of Tony Parker <anthony.parker@apple.com<mailto:anthony.parker@apple.com>>
Date: Friday, April 15, 2016 at 9:02 AM
To: Travis Beech <tbeech@unwiredrevolution.com<mailto:tbeech@unwiredrevolution.com>>
Cc: "swift-corelibs-dev@swift.org<mailto:swift-corelibs-dev@swift.org>" <swift-corelibs-dev@swift.org<mailto:swift-corelibs-dev@swift.org>>
Subject: Re: [swift-corelibs-dev] Crypto as part of the core libraries

Hi Travis,

I think the best path for projects to become part of the corelibs “umbrella” is to start them off as community-driven, and once they have gained enough momentum we should consider folding them into the core distribution.

This provides a lot of key benefits. Most importantly, the new project will have clear ownership and responsibility. We need to make sure that the right people are there to represent its interests to the larger Swift effort. Also, we’ll know who to talk to to deal with general issues like keeping it up to date with language changes, integrating it with CI, considering API changes, etc.

- Tony

On Apr 14, 2016, at 3:53 PM, Travis Beech via swift-corelibs-dev <swift-corelibs-dev@swift.org<mailto:swift-corelibs-dev@swift.org>> wrote:

I would like to propose that basic crypto be part of the core libraries of swift. It seems a large oversight that this isn’t a core part of the runtime. Many if not all modern languages provide the ability to perform hashing, encryption, certificates, etc. out of the box.

I believe that any serious app developer should be encrypting their customer’s data client side; and with the Swift runtime today, I cannot write a pure Swift app without having to resort to bridging into the CommonCrypto C library. While this works, in my view, this is a hack used to bridge the gap of missing functionality. I also don’t think developers should be using libraries they find out on Github or other places. While the developers of those projects may have the best of intentions, I think it best that functionality of this sort come from the language runtime itself, that is part of the core libraries out of the box.

As Swift looks to move beyond just iOS/OS X, crypto will become an ever increasingly important aspect of the core libraries such AES and RSA encryption, HMAC SHA1/256 hashing, etc.

Thank you,

Travis Beech | Principal Developer | Unwired Revolution
Optimizing Operations for Mobile and Distributed Systems
_______________________________________________
swift-corelibs-dev mailing list
swift-corelibs-dev@swift.org<mailto:swift-corelibs-dev@swift.org>
https://lists.swift.org/mailman/listinfo/swift-corelibs-dev


(Chris Bailey) #7

Hi Travis:

FYI, Security (crypto/secure transport etc) is an area that some of us
from IBM are just starting to look at. We've love to collaborate with you
on it.

Chris

···

From: Travis Beech via swift-corelibs-dev <swift-corelibs-dev@swift.org>
To: Tony Parker <anthony.parker@apple.com>
Cc: "swift-corelibs-dev@swift.org" <swift-corelibs-dev@swift.org>
Date: 15/04/2016 17:19
Subject: Re: [swift-corelibs-dev] Crypto as part of the core
libraries
Sent by: swift-corelibs-dev-bounces@swift.org

I guess I need to RTFM the docs on the swift evolution process. I’ll start
there. :slight_smile:

Travis Beech | Principal Developer | Unwired Revolution | c: 1 (209)
535-5357
Optimizing Operations for Mobile and Distributed Systems

From: <swift-corelibs-dev-bounces@swift.org> on behalf of Travis Beech via
swift-corelibs-dev <swift-corelibs-dev@swift.org>
Reply-To: Travis Beech <tbeech@unwiredrevolution.com>
Date: Friday, April 15, 2016 at 9:12 AM
To: Tony Parker <anthony.parker@apple.com>
Cc: "swift-corelibs-dev@swift.org" <swift-corelibs-dev@swift.org>
Subject: Re: [swift-corelibs-dev] Crypto as part of the core libraries

Tony,

I would be more than happy to step and lead the project as security in
general is something that I’m very passionate about.

Travis Beech | Principal Developer | Unwired Revolution
Optimizing Operations for Mobile and Distributed Systems

From: <anthony.parker@apple.com> on behalf of Tony Parker <
anthony.parker@apple.com>
Date: Friday, April 15, 2016 at 9:10 AM
To: Travis Beech <tbeech@unwiredrevolution.com>
Cc: "swift-corelibs-dev@swift.org" <swift-corelibs-dev@swift.org>
Subject: Re: [swift-corelibs-dev] Crypto as part of the core libraries

Hi Travis,

Someone will need to step up and lead the project. Is that you? =)

Personally, I’m hoping that the structure of the Swift Package Manager
will really encourage people to create new frameworks, and give them the
tools they need to distribute for use by many developers. That will be a
great incubation area for these kinds of ideas.

- Tony

On Apr 15, 2016, at 9:04 AM, Travis Beech <tbeech@unwiredrevolution.com> wrote:

Tony,

How is that achieved? Or what kicks off that community-driven process?

Travis Beech | Principal Developer | Unwired Revolution
Optimizing Operations for Mobile and Distributed Systems

From: <anthony.parker@apple.com> on behalf of Tony Parker <
anthony.parker@apple.com>
Date: Friday, April 15, 2016 at 9:02 AM
To: Travis Beech <tbeech@unwiredrevolution.com>
Cc: "swift-corelibs-dev@swift.org" <swift-corelibs-dev@swift.org>
Subject: Re: [swift-corelibs-dev] Crypto as part of the core libraries

Hi Travis,

I think the best path for projects to become part of the corelibs
“umbrella” is to start them off as community-driven, and once they have
gained enough momentum we should consider folding them into the core
distribution.

This provides a lot of key benefits. Most importantly, the new project
will have clear ownership and responsibility. We need to make sure that
the right people are there to represent its interests to the larger Swift
effort. Also, we’ll know who to talk to to deal with general issues like
keeping it up to date with language changes, integrating it with CI,
considering API changes, etc.

- Tony

On Apr 14, 2016, at 3:53 PM, Travis Beech via swift-corelibs-dev < swift-corelibs-dev@swift.org> wrote:

I would like to propose that basic crypto be part of the core libraries of
swift. It seems a large oversight that this isn’t a core part of the
runtime. Many if not all modern languages provide the ability to perform
hashing, encryption, certificates, etc. out of the box.

I believe that any serious app developer should be encrypting their
customer’s data client side; and with the Swift runtime today, I cannot
write a pure Swift app without having to resort to bridging into the
CommonCrypto C library. While this works, in my view, this is a hack used
to bridge the gap of missing functionality. I also don’t think developers
should be using libraries they find out on Github or other places. While
the developers of those projects may have the best of intentions, I think
it best that functionality of this sort come from the language runtime
itself, that is part of the core libraries out of the box.

As Swift looks to move beyond just iOS/OS X, crypto will become an ever
increasingly important aspect of the core libraries such AES and RSA
encryption, HMAC SHA1/256 hashing, etc.

Thank you,

Travis Beech | Principal Developer | Unwired Revolution
Optimizing Operations for Mobile and Distributed Systems
_______________________________________________
swift-corelibs-dev mailing list
swift-corelibs-dev@swift.org
https://lists.swift.org/mailman/listinfo/swift-corelibs-dev

_______________________________________________
swift-corelibs-dev mailing list
swift-corelibs-dev@swift.org
https://lists.swift.org/mailman/listinfo/swift-corelibs-dev