Crypto is hard... mostly because X509 is a dog's breakfast of committee compromisitis.
That said, openssl docs should AT LEAST address one who is familiar with X509. -----Original Message----- From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Tim Ward Sent: Tuesday, November 24, 2009 1:37 PM To: openssl-users@openssl.org Subject: Re: General question about documentation From: "Randy Turner" <rtur...@amalfisystems.com> > > From the length of some of the threads I've read in the past, a number > of developers seem to be burning a lot of development hours "guessing" > at how functions are supposed to work Yes indeed. This is why I often go for commercial software in preference fo "free" - it took me a day and a half to get a working Visual Studio 2005 debug DLL built, at a cost to my client of ... er ... well ... none of anyone else's business really, but lots more than any software package I remember buying. If instead of the "free" OpenSSL there'd been available a non-"free" product that cost £500 with normal commercial standards of installation and documentation and support we'd be laughing all the way to the bank. Having said which, trying to use Windows' native Schannel isn't a lot better, to be honest: sure, there's more documentation than there is of OpenSSL, but much of it is incomprehensible, and sure, there's "free" (ie included in the MSDN subscription) support from Microsoft engineers, but that takes time. Bottom line seems to me to be that this crypto/security business is in a class of its own; it's essentially difficult, and no product has received the productisation effort that is common in other fields. --- One thing I still haven't found anywhere, it's not even in the O'Reilly book, is a description of the "object" system - I've sort-of picked up that if you XXX_new() something you maybe ought to XXX_free() it sometime later, and there's some sort of use counting going on, but I've not found any documentation for any of this yet. Tim Ward - Brett Ward Limited - 07801 703 600 www.brettward.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
