[plt-scheme] Looking for a security consultant with PLT web server experience

I'm happy to put useful contributions in the core.

Re: Building IP checking into the default behavior --- I don't think
that is wise, for the reasons Neil V. describes.

Jay

On Mon, Oct 5, 2009 at 4:34 AM, Dave Gurnell <d.j.gurnell at gmail.com> wrote:
>>> One nice thing about the web server architecture is that all of these
>>> issues can be addressed (if they need to be addressed) by writing and
>>> plugging in a custom continuation manager. The Untypers have dabbled with
>>> the LRU manager a few times, implementing things like extra logging and some
>>> application specific continuation management. These security-related
>>> features seem like other natural extensions.
>>>
>>> It'd be good to collaborate on something like this as and release it as a
>>> PLaneT package.
>>
>> Seems like PLT has been putting a lot of energy into the Web server and
>> servlets in the last year or two.  I'd first find out whether this is
>> something they want to look into right now.  (Just yesterday, I found that
>> Ryan Culpepper had scooped me on macro keyword support, after I'd recently
>> slaved over a hot syntax-rules to do the same thing. :)  In any case, I
>> would try to make sure I understood PLT's rationale for everything upfront,
>> to save a lot of energy.
>
>
> Absolutely. I'm sure if the contributions are good they can be rolled into
> the core. I'd be slightly cautious of this kind of networking "improvement",
> though - it's probably all too easy to not notice bugs and design flaws for
> weeks and weeks, at least until after you're convinced that the code is
> working okay.
>
> -- Dave
>
> _________________________________________________
>  For list-related administrative tasks:
>  http://list.cs.brown.edu/mailman/listinfo/plt-scheme
>



-- 
Jay McCarthy <jay at cs.byu.edu>
Assistant Professor / Brigham Young University
http://teammccarthy.org/jay

"The glory of God is Intelligence" - D&C 93