Hi all, I am trying to find out which could be a best development environment and solutions to adopt (from a secure programming point of view) when developing an open source project.
In particular I'd like to know how many of you have considered this issue
and if you successfully addressed it. I saw there are many tools available
(but most of them are not maintained), for example:
* CCured
* SCC
* SPLINT
Have any of you ever considered the usage of such tools? I am also evaluating
different languages other then C to avoid the common problems (e.g. buffer
overflows).
Current options are:
* OCaml
* Haskel
* Cyclone
* Vault
Which one do you think it would be best suitable for a project like an on-line
CA or a server of some kind (e.g. OCSP, TimeStamping, etc...) ? Why ?
Thanks to everybody,
--
Best Regards,
Massimiliano Pala
--o------------------------------------------------------------------------
Massimiliano Pala [OpenCA Project Manager] [EMAIL PROTECTED]
[EMAIL PROTECTED]
Dartmouth Computer Science Dept Home Phone: +1 (603) 397-3883
PKI/Trust - Office 062 Work Phone: +1 (603) 646-9226
--o------------------------------------------------------------------------
smime.p7s
Description: S/MIME Cryptographic Signature
