[Cryptech Tech] External review
Steve Olshansky
olshansky at isoc.org
Thu Nov 6 19:58:23 UTC 2014
All-
I asked Leif about this, and he suggested i start a thread here. I am wondering what is being planned in this regard, and when something might make it on to the website about it. As the project progresses and gains more visibility (and scrutiny presumably), I can imagine that others would be wondering the same thing.
As everyone is obviously aware, this issue is on the community's collective mind, and especially more so after Heartbleed and then Shellshock. I know there are challenges with just posting the code and design documents and relying on volunteer effort for the review, and funding for clueful reviewers would be better.
For example, is the Linux Foundation's Core Infrastructure Initiative a viable candidate to propose this to? Given the funders, I could understand if there is reluctance to bring it there. But I mention this as a prominent effort to provide funding to support this kind of work. I assume there are others but I don't have them readily at hand.
http://www.linuxfoundation.org/programs/core-infrastructure-initiative
Cheers-
Steve
--
Steve Olshansky
Trust & Identity Program Lead
Internet Society
www.internetsociety.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <https://lists.cryptech.is/archives/tech/attachments/20141106/0e537054/attachment.sig>
More information about the Tech
mailing list