[Cryptech Tech] Repos, .releases and system structure (Was: Re: Reminder)

Leif Johansson leifj at sunet.se
Thu Oct 16 07:54:58 UTC 2014




> 16 okt 2014 kl. 09:43 skrev Joachim Strömbergson <joachim at secworks.se>:
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
> 
> Aloha!
> 
> Randy Bush wrote:
>>> I think we need to start to consider doing official releases of
>>> either only the complete Cryptech system or the system and
>>> underlying systems as well. I can for example see the trng as being
>>> one such system where we can basically now start tagging numbered
>>> releases and write release notes for official versions.
>>> 
>>> This would make it much easier for users/implementers to follow
>>> what we do and see the progress in terms of functionality.
>> 
>> yes!
>> 
>> how would you handle platform specificity?  i.e., at the moment we
>> have the altera board, novena, ...  and things sre likely to get more
>> complex next year.
> 
> My gut reaction is to look at what OpenBSD, Linux and other open, multi
> platform projects do:
> 
> * Have a common release note with a top level revision number (and date)
> that describes the major new features, bug fixes etc (including any new
> platforms). In our case this would include both SW and HW aspects
> 
> * Have platform specific sub sections that describe how the new release
> is mapped onto the given platform.
> 
> For example Cryptech release 0.X.Y, date 2014-MM-DDDD contains HW with
> cores the following cores:
> - SHA-512, version X.Y.Z.
> - TRNG, version X.Y.Z
> 
> The following HW modules and boards
> - Avalanche board for Novena X.Y.Z
> 
> The release contains SW with the following functionality:
> - coretest_hashes.c version X.Y.Z
> 
> Then would follow description of what the specific core and SW versions
> would entail.
> 
> 
> * Novena Platform:
> - TRNG X.Y.Z. Supporting
> - Top level connecting the avalanche board X.Y.Z
> 
> ...
> ...
> 
> * Labels and links to downloads including signed hashe
> - - TRNG: SHA256: 0x6c34...
> 
> 
> That is how I think of the release notes in itself. Then we also need to
> set the correct labels, provide build scripts for the specific platforms
> as well as providing binary config files for the FPGAs on the different
> platforms (for the ones that trusts us).
> 
> 
> It is a lot of work but doable. And we better start planning for this
> soonish, by for example basically do the first early releases based on
> what we have today or so. At least do one before the end of this year.
> 
> 

Agree!

> - -- 
> Med vänlig hälsning, Yours
> 
> Joachim Strömbergson - Alltid i harmonisk svängning.
> ========================================================================
> Joachim Strömbergson          Secworks AB          joachim at secworks.se
> ========================================================================
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
> Comment: GPGTools - http://gpgtools.org
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
> 
> iQIcBAEBCAAGBQJUP3a0AAoJEF3cfFQkIuyNl5sP/RgK8w0FhKMHW+fALrY4OlY7
> c4L4LYwvILYNQG2wVBz3Dj88LOHC5YxltxzwuNPHFRnpZ1xFzZKCa/PHBvkoVnHk
> cFSDN+Z+PvFMeo5T5+GtEQ3H7XbQgOVAkRdRhwhpY1r8iuVB7gsK4dE2GmgWhE3m
> Z5WMmKOTY13KQgLzXq8TLJv9khc0+kx/0PrdKak02nYTSAw+OOFeewHF4Y68VH9L
> oqDhDntS7BxPMJXFmp9P3eadahVzwtKWLSDIa6VK/AKvV13SpdnALPhutDweW7pg
> mRrFLoBrSiEQGBbE4c2sIhWSrQK6v/ogfaBd5nPtrMcWGhBVkVIJqX/Fk8bBsouZ
> aA10uwiO1rZBRwV71ol+GeifkmHoUGkw3OcfYEBDSqzbT45nHrjEtgXRpwW+fiDF
> zzyvX68XjkYIVy/DKL2wc02d/oYVN/jMBm8bGCBTreom87R3nRi/amSKjPTazoZm
> yzwcrS6E+5anCF+SSHoppXF4/+3fwX8amzh1gvAfvX8vvWTji9uk7aiQJZjDfGr7
> iSBf7W6FPZl1/gR9Xiq4XuilJsSPUNwMr2VBDIX7KkAhaKgc2000/6BuTRsUU5i/
> mqkbQgys50uSSqluIWJnXltJ8khCYHKyF8NIW0gOeewPfn5uIi9pRBOI8aOqmgxc
> BpP02sYgQizAtXcnpadq
> =9tVG
> -----END PGP SIGNATURE-----
> _______________________________________________
> Tech mailing list
> Tech at cryptech.is
> https://lists.cryptech.is/listinfo/tech


More information about the Tech mailing list