State of the cryptography tooling, industrial concerns, HF response

[Theophile Hécate Choutri]

Hello everyone,

For the next HF board meeting, I would like to raise a very concerning issue: The state of some foundational cryptography libraries in the Haskell ecosystem.

As you probably know, there have been discussions in the Slack workspace about the state of Vincent Hanquez' libraries.

Here is a recapitulation of what happened: Members of the board and other community members have been trying to get in touch with Vincent Hanquez due to the importance of his cryptography libraries and the state of derelict that they are in, to no avail. The subject was raised on Slack in september of 2021.

More recently, Andrew & I have received emails from community members raising the issue again.

Chris Dornan effectively forked the packages handled by Hanquez in december.

I have surveyed the community and had some feedback from industrial users of cryptography tooling, and it would seem that an involvement of the foundation in this situation would be perceived as positive.

Now, to the "controversial" stuff: I would like that we vote on a package takeover in Hackage and a rebuild of the maintainer team for those ecosystem-sensitive libraries, with an involvement of the previous contributors to the libraries, but with a more resilient ownership.

This is not only an ecosystem matter but an industrial one. I simply do not feel confident recommending Haskell for domains as popular as web applications if password hashing algorithms are left to rot. I think it falls under our responsibility to keep Haskell as a compelling choice for industrial domains, and I don't want to risk seeing companies developing their own closed-source implementations. This is simply not acceptable and sets us back twenty years in terms of adoption ability.

Please comment with your feedback or opinion on this.

Cheers,

Hécate.

[Alexander Bernauer]

+1

curious to hear some more details at our meeting 

--
You received this message because you are subscribed to the Google Groups "Haskell Foundation Board" group.
To unsubscribe from this group and stop receiving emails from it, send an email to board+un...@haskell.foundation.
To view this discussion on the web visit https://groups.google.com/a/haskell.foundation/d/msgid/board/CAK-_mHH7tYj4usUk0iYop8ie8ZDuGjenMymBXvHLC8xiN-QDiw%40mail.gmail.com.

[Andrew Lelechenko]

Hi all,

HF does not have powers to enforce package's takeover, this should be done in line with a standard procedure (https://wiki.haskell.org/Taking_over_a_package). I suggest Hécate+Chris trigger the procedure immediately, such step does not require (or necessarily benefits from) a formal board backing. Once maintainership is acquired, I suggest to propose these packages for CLC adoption, recognising their core value, so that CLC can ensure such crisis does not arise in future again.

Best regards,

Andrew

[Theophile Hécate Choutri]

Thank you Bodigrim for the insight. I had planned on raising the subject due to the ecosystemic reach of this issue, and did not want to place a too heavy burden on the CLC before getting new people that can make this a viable option.

I will trigger the takeover procedure, however.

Cheers,

Hécate.

[Andrew Lelechenko]

The standard takeover procedure is months-long and all it takes for an unresponsive/unwilling/malicious maintainer to block it is to say no. This is an undue risk for core infrastructure, because of which such packages should better be owned by CLC, which has powers to provide maintainers succession in a timely manner.

Best regards,

Andrew

[Theophile Hécate Choutri]

Well, considering that Hanquez has been not responding to neither friends and colleagues regarding the state of his packages, I would say it evidently falls into the unresponsive / unwilling box.

[Vincent Hanquez]

Hello there,

(sorry I'm not a reader here, I just been pointed to this thread)

I absolutely do NOT give authorization for a hackage takeover, people are confusing not working with ghc 9.2 and not maintained at this stage. work on 9.2 has started, and will be done when it's done. (It's funny how people like to pretend they don't understand how OSS works when it favor their views.)

May I recommend some soul searching on why a substantial amount of the ecosystem is not migrating to >= 9.x as fast as thing comes up (hint: 9.0 is a coaster, 9.2 has substantial changes in its apis that could have been made less painful with a bit of thoughts and foresight).

As to previous unanswered requests; I do not give much thoughts on all illegitimate requests I've seen, be it the request to take over the haskell-foundation github organisation (the nerves of such request ... because you couldn't even come up with something that wasn't in use in the haskell world already !), or vague offer of maintenance which doesn't have the package best interest in mind / nor the current authors&maintainers wishes (it is very clear that it is the case in https://discourse.haskell.org/t/a-new-future-for-cryptography-in-haskell/3888 )

This false pretence of caring is just a hostile takeover of substantial amount of work at the expense of the current users of the packages; I suggest you start your own package(s) (with a fork if you wish, I don't have a problem with that) and win the mind/heart of existing people on your own merits (or trying to pretend it's a "foundation" effort) instead of parasitising existing work.

Whilst we're at it, I also find reprehensible to email all-the-maintainers-but-me (and also previous contributors) trying to entice them to legitimise this hostile takeover. (I have multiple proofs of such behaviour already)

And finally, all the best with a centrally maintained cryptographic package, this is the correct approach (but to be clear at this moment, that will not be cryptonite or the `haskell-crypto` organisation).

tl;dr I don't agree with the takeover, start your own fork/work with your own package name(s) if you're not happy with the current package(s).

[Chris Dornan]

Hi Vincent,

I am really relieved and pleased at this communication, which I fine more than reasonable.

I am a huge admirer of your cryptography work and have been relying on it for many years. There is no question but that crytonite is in the best hands in my mind.

What I am a little baffled by is you declining to reply to our previous overtures — we were careful to approach you with people with which you have a good relationship precisely so that you would not misunderstand our intentions. I was genuinely concerned that you had abandoned Haskell and your packages and each passing week just reinforced that false assumption in my mind.

You must understand our desire to try and get the ecosystem ready for 9.2 — that is all that was behind this. Of course your priorities are not our priorities, which is why clear communication is so important.

Please would you accept my apologies for my part in this unwelcome intrusion. Us OSS maintainers have enough stress trying to fit everything in without everything being made worse by unilateral actions flowing from other people’s priorities.

Personally I would like to explore the possibility of a centrally maintained crypto framework which (I believe) would need to be designed around cryptonite — any input from you on this would be very welcome to me.

Take care and thanks for your incredible efforts over the years — I simply don’t know how you have got this all done.

Chris

To view this discussion on the web visit https://groups.google.com/a/haskell.foundation/d/msgid/board/772190fe-d3b2-48d4-8b5d-75716e09f748n%40haskell.foundation.

[Julian Ospald]

Regardless of my personal opinion about the mentioned cryptography libraries, I find this thread very concerning and it reminds me of two past discussions we had that outline the deep communication issues that HF has:

* https://groups.google.com/a/haskell.foundation/g/board/c/-aUL5IQmgtk

* https://groups.google.com/a/haskell.foundation/g/board/c/zt2cAHnPMXs

> Chris Dornan effectively forked the packages handled by Hanquez in december.

This doesn't surprise me and is in line with my experiences of miscommunication within the HF and between the community and the HF.

To me this seems that HF is again following this pattern:

1. impose their ideas on community maintainers

2. doesn't communicate with those maintainers properly

3. gets defensive once these maintainers get angry

Was there any direct communication attempts between HF and Vinzent? From reading this thread, this isn't really clear.

>  we were careful to approach you with people with which you have a good relationship precisely so that you would not misunderstand our intentions

This sounds like political games were played. Again.

My opinion on how to move forward is this:

1. hire a CTO (this issue is more proof that HF will get into trouble without this position)

2. tackle the cryptography issues seriously: there is little to no research whether Haskell/GHC is even a suitable language for low-level cryptography (side-channel attacks, RTS behavior, codepath analysis etc. etc.). None of the mentioned libraries have undergone an external audit afaik. Fund researchers to explore this issue. Cryptography is not like other critical libraries. If you mess up, you can cause a lot of damage. That's why my personal opinion is that using e.g. haskell-tls in production is either naive or irresponsible. HF supporting researchers here would be huge. And it's a humongous task individual people will likely not be able to do on their own. Talk to IOHK/Cardano if they're interested to support this research. They (should) have a real business interest in that.

3. stay out of the way of maintainers, unless you're planning to support them

Cheers,

Julian

[Chris Dornan]

Hi Julian,

You said:

> Was there any direct communication attempts between HF and Vinzent? From reading this thread, this isn't really clear.

But I had already said in the thread:

> What I am a little baffled by is you declining to reply to our previous overtures — we were careful to approach you with people with which you have a good relationship precisely so that you would not misunderstand our intentions. I was genuinely concerned that you had abandoned Haskell and your packages and each passing week just reinforced that false assumption in my mind.

I think it is clear from this that we were trying to make contact with the maintainer over an extended period of time and that we were seriously concerned (but thankfully a false alarm).

Chris

-- 
You received this message because you are subscribed to the Google Groups "Haskell Foundation Board" group.
To unsubscribe from this group and stop receiving emails from it, send an email to board+un...@haskell.foundation.

To view this discussion on the web visit https://groups.google.com/a/haskell.foundation/d/msgid/board/85165da3-339f-450b-aa1b-cf231905bd46n%40haskell.foundation.

[Andrew Boardman]

Hi everyone,

Here's a summary of what I understand from this thread, please feel free to let me know if I have any factual errors:

* There was an effort to contact Vincent, who had prior requests coming from the Haskell Foundation (who? when?).
  * The haskell-foundation org was mentioned. I reached out to Nicolas Di Prima at one point asking for a disambiguator, but never heard back. Was this a different interaction?

* There appears to be a sense that the HF is trying to take credit for others' work. This is not intentional and I apologize for giving that impression. I have attempted to make sure the people doing the work are highlighted, and will work harder.

It looks like there are preconceived notions of intent on all sides here:

  * The idea that the HF is out to take things over and tell maintainers what to do.

  * The feeling that Vincent is unlikely to cooperate.

I don't see things moving forward in a healthy way until we figure that out. Vincent, would you be willing to do me the favor of meeting one on one so I can understand what you've been seeing?

Julian, I want you to know that I'm taking your feedback about the HF CTO very seriously.  I think you are making very solid points, and I'm thinking a lot about the responsibilities of the role and when a person in that role could make a substantial impact. I would enjoy talking with you about that, if you're willing.

I see the role of the HF in general as helping facilitate better communication and coordination. Some of that is trying to find maintainers for orphaned, important projects, but as a last resort. I would much rather work with maintainers to figure out how to help support them. If we're not doing a good job at this, I would rather have the maintainers yelling in my face about what's going wrong (and thank you Vincent and Julian for this very valuable feedback) than go silent!

Thank you,

-- Andrew

To view this discussion on the web visit https://groups.google.com/a/haskell.foundation/d/msgid/board/E6AF02A6-6888-4158-89CE-38FFE776237D%40chrisdornan.com.

[Andrew Lelechenko]

Hi all,

It’s one month later, and I see no migration activity at https://github.com/haskell-foundation/foundation or https://github.com/haskell-crypto/cryptonite or https://github.com/vincenthz/hs-memory. Neither there is any public engagement with multiple contributors, who have raised migration PRs and issues. 

Given Vincent’s blessing below, I suggest the cryptography work group to fork these packages. It’s not healthy for Haskell ecosystem to be blocked from upgrading to GHC 9.2 any longer.

Hecate, Chris, opinions?

Best regards,

Andrew

[Chris Dornan]

I don’t think this is a decision we should take in haste and, if we can, we should do this with input from Vincent.

How about I check in with Hecate and Vincent and we come back to you with a plan.

Chris

To view this discussion on the web visit https://groups.google.com/a/haskell.foundation/d/msgid/board/F49CD169-FE57-4F6D-B9C2-8BC366AA8D98%40gmail.com.

[Richard Eisenberg]

While I agree that we should proceed as collaboratively as possible, time is of the essence. I mean that in a literal way: it is the passage of time that is the issue here, in that we are not seeing results in a timely fashion. Accordingly, I think it makes sense to set a time limit, in advance, to these proceedings. That is, we state that if XYZ does not happen by (say) March 10, then we deem that the existing packages do not meet the HF's requirements and will thus fork. This fork action does not force anyone else to use our forks, nor does it stop Vincent from maintaining his libraries in the way he sees fit. It simply is an indication that our needs are not being met, and so we are taking action to ensure that they are met going forward.

What I don't want is to start a consultation that will lead us, in another month, to wonder where we are and how we should proceed.

Richard

To view this discussion on the web visit https://groups.google.com/a/haskell.foundation/d/msgid/board/0861DC19-70C9-4D27-845F-EE91CA8A66C3%40chrisdornan.com.

[Chris Dornan]

Hi Bodigrim and Richard,

I cannot agree that time is of the essence in this case. For sure we would all like to get the released cryptonite fixed for 9.2 moths ago but in practice most production use is on 8.10 and patches and forks are available for use with dev environments.

It is easy to say 'let's fork and maintain cryptonite' but in actuality it is a very large and complicated package with the particular requirements that accompany all cryptographic packages. I do not know of anybody prepared to take on this commitment yet -- and we have been making enquiries. I was willing to go out on a limb to get the ball rolling with my temporary forks when we seriously feared the package was orphaned but it isn't orphaned, just not being maintained as responsively as we would like.

I am not saying that the Haskell Cryptography Group should not step in and maintain a fork that will track GHC better but I do not think we are not there yet.

Instead I propose that you leave this with the Haskell Cryptography Group -- who are the natural owners of this issue -- and check in with us and review the situation on your deadline. Please don't set a deadline of next week -- this is not something that can be resolved in a day; we should be in a better position to say how we propose to handle the situation by March 10th.

The Haskell Cryptography Group is in the process of affiliating with the HF by the way.

Cheers,

Chris

[Andrew Lelechenko]

Hi Chris, 

I’m afraid I don’t quite follow. 

The start of this thread suggests that the Cryptography Working Group is ready to take over and maintain cryptonite, and this intention is reiterated more specifically at https://mail.haskell.org/pipermail/libraries/2022-January/031582.html, suggesting you and Hécate as maintainers. But now you "do not know of anybody prepared to take on this commitment yet”. What has changed? If Cryptography Working Group is not up to the task, then, frankly speaking, I’m not sure what its purpose is. 

Further, https://discourse.haskell.org/t/a-new-future-for-cryptography-in-haskell/3888 says  "Hécate, for the Haskell Foundation”, so I implicitly assumed that this is an HF working group, sanctioned by ED. But surely this cannot be the case if, as you say, "The Haskell Cryptography Group is in the process of affiliating with the HF”, which assumes that it is an independent body. Could you please clarify which option is correct?

we should be in a better position to say how we propose to handle the situation by March 10th.

Fine.

Best regards,

Andrew

[Chris Dornan]

Context is everything. If cryptonite was orphaned then, as I saw it, we had no option but to step in and pick it up. That is why I created the temporary forks and Hecate started the takeover. In this situation there is really nothing to think about and it was important to signal quickly that the matter was being addressed. At that stage we had not assessed the scale of the task nor found people willing to commit to maintaining it.

We are now in a different situation, where the Vincent is maintaining it but not patching cryptonite to track GHC releases as quickly as we need -- that is a quite different situation. We now need to find people to commit to maintaining a fork -- or better establish a working relationship with Vincent whereby we can render assistance and agree a policy of tracking GHC releases properly.

Cryptography has special requirements -- the packages don't just have to be good, but they have to be seen to be good and follow the norms expected by the cryptographic community. We are trying to make sure that things are done properly. That is the reason for forming the group.

As for the status of the group, we decided the clearest course of action was to affiliate to the foundation as an independent group with its own charter. To be honest I just don't know how the group would function as part of the foundation, and this conversation we are having right now suggests that trying to run it as part of the foundation could be quite problematic. Does the HF really need more things to manage? 

If you think the HF needs it own cryptography group you can propose setting one up -- but I would advise against it; I think it would just lead to confusion.

Chris

[Andrew Lelechenko]

Hi Chris, 

I’m not suggesting to set up another cryptography group, it’s just that the announcement made an impression that this is a task force inside HF, not an independent body. May I suggest to clarify this publicly to avoid any confusion?

Just a gentle reminder that the 10th of March is this Thursday.

Stand with Ukraine,

Andrew

[Chris Dornan]

For sure -- we will be reporting g progress on developing the fork at the Thursday board meeting and will take care to clarify the status of Haskell cryptography as independent group affiliated to the HF.

Cheers,

Chris