Re: [viff-devel] Why all the bug reports?!

[Martin Geisler]

Martin Geisler <[EMAIL PROTECTED]> writes:

> Because I wanted to remind you guys that there are many low-hanging
> fruits where you can help...

But nobody replied... :-/

I have begun fixing Issue 52:

  http://tracker.viff.dk/issue52

This means that we now have the latest HTML and API documentation
easily accesable on the homepage. So if you fix something in the
documentation it will appear now instead of after the next release.

> The documentation updates should be especially easy.

I have tagged the easy ones with a 'simple' keyword, you can see:

  http://ln-s.net/25kK

This is in the spirit of the Gnome Love project which you may have
heard about:

  http://live.gnome.org/GnomeLove

-- 
Martin Geisler
___
viff-devel mailing list (http://viff.dk/)
viff-devel@viff.dk
http://lists.viff.dk/listinfo.cgi/viff-devel-viff.dk

[viff-devel] [issue56] Switch from /doc/latest/foo to /doc/foo

[Martin Geisler]

New submission from Martin Geisler <[EMAIL PROTECTED]>:

There are some links on the webpage (and probably also in the
documentation) which points to

  http://viff.dk/doc/latest/

They should be changed to just

  http://viff.dk/doc/

now since this is where the current version will be from now on.

--
keyword: beginner, documentation
messages: 146
nosy: mg
priority: bug
status: unread
title: Switch from /doc/latest/foo to /doc/foo


VIFF Issue Tracker <[EMAIL PROTECTED]>


___
viff-devel mailing list (http://viff.dk/)
viff-devel@viff.dk
http://lists.viff.dk/listinfo.cgi/viff-devel-viff.dk

Re: [viff-devel] Which operations for HSM (Hardware Crypto)

[Brian Graversen]

Hi Martin.

Back from holiday, so a quick reply to this one.

> > Let us think a bit about that. Do we even want to store the shares
> > in the HSM? What would be the benefits? Security/performance?
>
> I imagine a system where I take my input and give it to the HSM. It
> would then secret share the input using its own secure randomness and
> encrypt each share using the recepients public key. The encrypted
> shares are then output form the HSM and sent over the network.

[snip]

> Ah, okay -- I only read some of the IBM pages which described the 4758
> unit as a something close to a general purpose computer:
>
>   The IBM 4758 PCI Cryptographic Coprocessor encapsulates a 486-class
>   processing subsystem within a tamper-sensing and tamper-responding
>   environment where you can run security-sensitive processes. [...]
>
>   (http://www.ibm.com/security/cryptocards/pcicc/overview.shtml)

I have talked to IBM, and we are currently waiting for a license for the tool
required to load application code into the IBM 4758 cards. We should get such a
license at the beginning of august.

The code is just basic C-code, so we can start writing the applications right
now. The RSA encryption is available i the box, so it is just the secret share
code that we need for now.

> Also, as Ivan notes, the IBM 4758 will work well as a tool for keeping
> shares secure when stored on disk waiting to be processed -- which is
> another problem we have talked about...

If we let the 4758 do all the secret sharing, it can keep the shares stored
encrypted on disk, using an internal 3DES key, and the encryption of the shares
would then be an internal part of the secret share mechanism in the 4758.

Kind regards
Brian Graversen
___
viff-devel mailing list (http://viff.dk/)
viff-devel@viff.dk
http://lists.viff.dk/listinfo.cgi/viff-devel-viff.dk