Hi, Pierre Jaury <pie...@jaury.eu> writes: > This software is still an early research project: as far as I know, only > basic formal security analysis has been performed.
Ok, just make sure that the users know about this. > Yet, for your specific concern about usual AES vulnerability when using > independently encrypted blocks, the project aims at providing temporary > private storage but does not pretend to provide secure operations. Ok, next question is then: how does vodstok detects tampering done by hostile peers? > By the way, I am quite new at Debian packaging and still asking plenty > of (dumb) questions. Should I package client-only as vodstok (which is > in fact mostly written in Python) and PHP repository separately as > vodstok-server or anything? Two separate binary packages might make sense in that case yes but they'll of course be part of the same source package I assume? -Timo -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org