From bb9179f40177abed676c3931488373f040d223ea Mon Sep 17 00:00:00 2001 From: Jesper Louis Andersen Date: Tue, 18 Nov 2014 23:22:41 +0100 Subject: [PATCH] Tune the README.md file a bit. --- README.md | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index a36cb58..d142b77 100644 --- a/README.md +++ b/README.md @@ -3,8 +3,13 @@ This library provides bindings for the NaCl cryptographic library for Erlang. Several such libraries exist, but this one is a re-write with a number of different requirements, and foci: * Erlang/OTP 17.3. This library *needs* the newest dirty scheduler implementation. -* Uses the original NaCl sources over something like libsodium. This is a deliberate choice. +* Uses the libsodium sources. This is a deliberate choice, since it is easy to implement. +* Does not provide anything but the original NaCl code base. This is also a deliberate choice so we are not in a situation where we can't jump to a newer version of the library later at some point. * Tests created by aggressive use of Erlang QuickCheck. -* provides gen_nacl, a gen_tcp wrapper for sending/receiving messages over a tcp socket. This package draws heavy inspiration from "erlang-nacl" by Tony Garnock-Jones. + +# Rationale + +Doing crypto right in Erlang is not that easy. The obvious way to handle this is by the use of NIF implementations, but most C code will run to its conclusion once set off for processing. This is a major problem for a system which needs to keep its latency safe. The solution taken by this library is to use the new Dirty Scheduler API of Erlang in order to provide a safe way to handle the long-running cryptographic processing. It keeps the cryptographic primitives on the dirty schedulers and thus it avoids the major problem. +