[Cryptech Tech] Repos, releases and system structure (Was: Re: Reminder)

Joachim Strömbergson joachim at secworks.se
Thu Oct 16 07:41:40 UTC 2014


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Aloha!

Randy Bush wrote:
>> I think we need to start to consider doing official releases of
>> either only the complete Cryptech system or the system and
>> underlying systems as well. I can for example see the trng as being
>> one such system where we can basically now start tagging numbered
>> releases and write release notes for official versions.
>> 
>> This would make it much easier for users/implementers to follow
>> what we do and see the progress in terms of functionality.
> 
> yes!
> 
> how would you handle platform specificity?  i.e., at the moment we
> have the altera board, novena, ...  and things sre likely to get more
> complex next year.

My gut reaction is to look at what OpenBSD, Linux and other open, multi
platform projects do:

* Have a common release note with a top level revision number (and date)
that describes the major new features, bug fixes etc (including any new
platforms). In our case this would include both SW and HW aspects

* Have platform specific sub sections that describe how the new release
is mapped onto the given platform.

For example Cryptech release 0.X.Y, date 2014-MM-DDDD contains HW with
cores the following cores:
 - SHA-512, version X.Y.Z.
 - TRNG, version X.Y.Z

The following HW modules and boards
 - Avalanche board for Novena X.Y.Z

The release contains SW with the following functionality:
 - coretest_hashes.c version X.Y.Z

Then would follow description of what the specific core and SW versions
would entail.


* Novena Platform:
 - TRNG X.Y.Z. Supporting
 - Top level connecting the avalanche board X.Y.Z

...
...

* Labels and links to downloads including signed hashe
- - TRNG: SHA256: 0x6c34...


That is how I think of the release notes in itself. Then we also need to
set the correct labels, provide build scripts for the specific platforms
as well as providing binary config files for the FPGAs on the different
platforms (for the ones that trusts us).


It is a lot of work but doable. And we better start planning for this
soonish, by for example basically do the first early releases based on
what we have today or so. At least do one before the end of this year.


- -- 
Med vänlig hälsning, Yours

Joachim Strömbergson - Alltid i harmonisk svängning.
========================================================================
 Joachim Strömbergson          Secworks AB          joachim at secworks.se
========================================================================
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBCAAGBQJUP3a0AAoJEF3cfFQkIuyNl5sP/RgK8w0FhKMHW+fALrY4OlY7
c4L4LYwvILYNQG2wVBz3Dj88LOHC5YxltxzwuNPHFRnpZ1xFzZKCa/PHBvkoVnHk
cFSDN+Z+PvFMeo5T5+GtEQ3H7XbQgOVAkRdRhwhpY1r8iuVB7gsK4dE2GmgWhE3m
Z5WMmKOTY13KQgLzXq8TLJv9khc0+kx/0PrdKak02nYTSAw+OOFeewHF4Y68VH9L
oqDhDntS7BxPMJXFmp9P3eadahVzwtKWLSDIa6VK/AKvV13SpdnALPhutDweW7pg
mRrFLoBrSiEQGBbE4c2sIhWSrQK6v/ogfaBd5nPtrMcWGhBVkVIJqX/Fk8bBsouZ
aA10uwiO1rZBRwV71ol+GeifkmHoUGkw3OcfYEBDSqzbT45nHrjEtgXRpwW+fiDF
zzyvX68XjkYIVy/DKL2wc02d/oYVN/jMBm8bGCBTreom87R3nRi/amSKjPTazoZm
yzwcrS6E+5anCF+SSHoppXF4/+3fwX8amzh1gvAfvX8vvWTji9uk7aiQJZjDfGr7
iSBf7W6FPZl1/gR9Xiq4XuilJsSPUNwMr2VBDIX7KkAhaKgc2000/6BuTRsUU5i/
mqkbQgys50uSSqluIWJnXltJ8khCYHKyF8NIW0gOeewPfn5uIi9pRBOI8aOqmgxc
BpP02sYgQizAtXcnpadq
=9tVG
-----END PGP SIGNATURE-----


More information about the Tech mailing list