On 7/11/25 06:16, Jeffrey Walton via curl-library wrote: > On Fri, Jul 11, 2025 at 6:10 AM Daniel Stenberg via curl-library > <curl-library@lists.haxx.se> wrote: >> >> On Fri, 11 Jul 2025, Timothe Litt via curl-library wrote: >> >>> bricking hardware by making it impossible to access them will not make you >>> any friends.... >> >> First, if this change would *brick* a device that would be entirely because >> of >> stupid engineering and not because of curl. > > It has been my experience that US DoD, US Federal and US Medical could > encounter problems. That's because of the cost associated with > certifying devices. It does not have anything to do with bad > engineering.
I actually disagree. If the firmware on a device can never be updated, there should be a formal proof that nothing can access the device without authentication. Moving the network stack to a separate chip and using a formally verified implementation of the cryptographic protocols is one way to do that. -- Sincerely, Demi Marie Obenour (she/her/hers)
OpenPGP_0xB288B55FFF9C22C1.asc
Description: OpenPGP public key
OpenPGP_signature.asc
Description: OpenPGP digital signature
-- Unsubscribe: https://lists.haxx.se/mailman/listinfo/curl-library Etiquette: https://curl.se/mail/etiquette.html
