Daniel, list,
what's the status of this? I had prepared a rough spec long ago (which I use for the XS), but we have a couple of issues
- Desire to split off the 'audited' version of libtomcrypt -- the split in itself is worthy, but ISTR we lost steam pushing it upstream due to pushback on the 'audited' part? Do we have our package for that?
- A pile of scripts used in XS that see a lot of churn -- I'm happy to split those off to a -tools or -scripts subpackage.
cheers,
m
On 25 January 2011 21:42, Martin Langhoff martin.langhoff@gmail.com wrote:
Daniel, list,
what's the status of this?
I'll probably jump back on it after clearing out some more immediate projects.
I need to generate discussion around this to verify that I'm not missing anything, but I had a thought that solves the crypto problem: The auditing is only relevant for signature verification code, therefore these tools could use the unaudited system libraries without worry.
Daniel
On Tue, Jan 25, 2011 at 5:53 PM, Daniel Drake dsd@laptop.org wrote:
I need to generate discussion around this to verify that I'm not missing anything, but I had a thought that solves the crypto problem: The auditing is only relevant for signature verification code, therefore these tools could use the unaudited system libraries without worry.
Agreed... I guess it means the auditing was limited to input data handling.
As long as the different versions all agree on what's a valid sig and what's not, we're ok! ;-)
m
-
Daniel Drake -
Martin Langhoff