[Info-vax] New OpenSSL update from HP

Dirk Munk munk at home.nl
Sun Jun 14 18:11:54 EDT 2015 

David Froble wrote:
> Dirk Munk wrote:
>> RobertsonEricW wrote:
>>> This is precisely what the Open Source on OpenVMS group is attempting
>>> to facilitate through its efforts to port to OpenVMS the basic GNU
>>> tools necessary for building the most frequently used GNU tools and
>>> to start creating the infrastructure to automatically build and test
>>> the current builds of GNU Software. Effort has been admittedly
>>> sluggish to materialize over the course of the last few years.
>>> However, given that the time and effort generated thus far has been
>>> almost entirely on a volunteer basis, this is not that surprising.
>>> However, with VSI and other participants now beginning to take an
>>> interest, the number of active volunteers is now on the increase.
>>> This should help to quicken the pace of porting some of the critical
>>> tools to OpenVMS which should in turn solidify the usefulness of the
>>> GNV environment in producing further, maintainable ports of Open
>>> Source tools and utilities. It is hoped that in the future, the
>>> solidification of GNV will lessen the occurrence for some of
>> these one-off ports  from multiple quarters (of which these different
>> and  more recent ports of OpenSSL are but one example).
>>>
>>
>> I get your point, and in general that is fine. However with SSL it is
>> another matter. It's a vital part of TCP/IP security, and it should be
>> maintained by HP, or now VSI. I would like to see top quality
>> professional programmers working on this. It should be just like any
>> other VMS software product from HP/VSI.
>>
>> I will even go further than that. We can ask ourselves if an OpenSSL
>> port is the best way for a VMS SSL product. Other companies have
>> developed their own SSL package, and I can imagine that a native VMS
>> SSL package would be a better and more effective piece of software.
>
> They'd probably still write it in C.  What would be the gain?

Even if it would be written in C, that doesn't mean anything. If you 
have poor programming skills in a certain language, you will write poor 
programs in that language. If you have good programming skills, you will 
more likely write good programs.

I've been reading about the differences between WASD and CSWS (or 
Apache. WASD is doing certain things the VMS way, and CSWS does similar 
things the Unix way. WASD is far more efficient.....

A similar effect could be seen with SSL as well. I'm speculating here, 
but doing certain low level things the VMS way instead of a Unix way 
could be far more efficient.

>
> Now, I'm guessing, and I'd hope to be wrong.  If VSI wrote a VMS SSL
> product, would the design everyone uses be available?  What I'm asking
> is, "is there a specification?".  If not, then as usual, it's just some
> C code you need to figure out.
>
> If there was a specification, then keeping a VMS based product up to
> date should be doable.

More information about the Info-vax mailing list