Re: Security issue in developing Mac code -- not sure where to discuss
On Apr 2, 2010, at 1:05 PM, Jay Reynolds Freeman wrote:

> I am not sure where to discuss issues related to developing Macintosh code that uses the Internet to transmit data in a secure manner:
>
> The app is not a web-server-and-client kind of thing; I expect to be using Internet socket connections directly, from within the various instances of the application. So far, I have described a very general programming issue -- probably too general for this group. What I am wondering about is what special support is available for this kind of thing based on the fact that I am using Macintoshes, and have all the facilities of MacOS and Xcode to develop and run with.

macnetworkprog is the general networking list; that's probably the best place for this. And discussion of Mac crypto/security APIs is at the apple-cdsa list (great name, no?)

It depends on what levels of APIs you're comfortable with and will integrate best with your code. At the lowest level you have the standard BSD socket API. At a higher level, but still procedural, are the CFNetwork APIs (specifically CFSocket and CFStream). In Objective-C there are some OOP wrappers around CFNetwork in the form of NSStream etc., although they're somewhat incomplete.

If you're concerned about security, SSL is a good choice. The SecureTransport API implements that on whatever stream layer you want to use. Mac OS also comes with the cross-platform OpenSSL library which does basically the same thing. If you use CFStream you can enable SSL transport pretty easily without having to know the lower level APIs.

Using SSL in a peer-to-peer environment means messing with X.509 certificates and key-pairs, and secure storage of them. The "Sec-" prefixed APIs in the Security framework deal with that. (OpenSSL has its own APIs too.)

You might be interested in a framework I wrote called MYNetwork which is a very high-level Objective-C API for networking, including SSL support and Bonjour discovery. It wraps the above APIs and hides a lot of the complexity.

http://bitbucket.org/snej/mynetwork/

—Jens
participants (1)
-
Jens Alfke
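
The CFStream route mentioned in the reply above, sketched as an added example; it is not part of the original post and not code from MYNetwork. The helper name `SendOverTLS` and the host and port taken from the command line are assumptions for illustration.

```objc
// Added example, not from the original post.
// Build on a Mac: clang -fobjc-arc tls_client.m -framework Foundation -framework CFNetwork
#import <Foundation/Foundation.h>
#import <CFNetwork/CFNetwork.h>

// SendOverTLS is a hypothetical helper: connects to host:port, sends `line`
// over SSL/TLS, and returns YES only if every byte was written.
static BOOL SendOverTLS(NSString *host, UInt32 port, NSString *line) {
    CFReadStreamRef rd = NULL;
    CFWriteStreamRef wr = NULL;
    CFStreamCreatePairWithSocketToHost(kCFAllocatorDefault,
        (__bridge CFStringRef)host, port, &rd, &wr);
    if (!rd || !wr) { if (rd) CFRelease(rd); if (wr) CFRelease(wr); return NO; }
    // Keep certificate-chain validation on and require the certificate to match
    // the host we asked for; stated explicitly so neither is dropped by accident.
    NSDictionary *ssl = @{
        (__bridge NSString *)kCFStreamSSLValidatesCertificateChain : @YES,
        (__bridge NSString *)kCFStreamSSLPeerName : host,
    };
    // Security properties must be set before the streams are opened.
    CFReadStreamSetProperty(rd, kCFStreamPropertySocketSecurityLevel,
                            kCFStreamSocketSecurityLevelNegotiatedSSL);
    CFReadStreamSetProperty(rd, kCFStreamPropertySSLSettings,
                            (__bridge CFDictionaryRef)ssl);
    BOOL ok = NO;
    if (CFReadStreamOpen(rd) && CFWriteStreamOpen(wr)) {
        NSData *data = [line dataUsingEncoding:NSUTF8StringEncoding];
        const UInt8 *p = data.bytes;
        CFIndex left = (CFIndex)data.length, n = 0;
        // A failed connect or handshake shows up here as a write error (n < 0).
        while (left > 0 && (n = CFWriteStreamWrite(wr, p, left)) > 0) {
            p += n;
            left -= n;
        }
        ok = (left == 0);
        if (!ok) NSLog(@"send failed: %@", CFBridgingRelease(CFWriteStreamCopyError(wr)));
    }
    CFReadStreamClose(rd); CFWriteStreamClose(wr);
    CFRelease(rd); CFRelease(wr);
    return ok;
}

int main(int argc, const char *argv[]) {
    @autoreleasepool {
        if (argc != 3) { fprintf(stderr, "usage: %s host port\n", argv[0]); return 2; }
        return SendOverTLS(@(argv[1]), (UInt32)atoi(argv[2]), @"hello\n") ? 0 : 1;
    }
}
```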