On Wed, Jan 18, 2017 at 8:22 PM, Chad Brewbaker wrote:
> Defenders have 100% knowledge of their verification coverage. They can put
> a SMT solver in their continuous integration pipeline and flag all code not
> verified for removal.
>
I think you have just described a CI
better at achieving "punctuated equilibrium" where defenders are
able to reach some sort of brief reprieve in certain classes of attacks and
provide extremely strong defenses as a sort of local maximum. That is,
until some paradigm-changing attack comes crashing down, and forces
everyone to
so,
it's a rather simple type system, and one that can typecheck things in the
same pass as processing it (I believe, I'm still yet to implement it).
Wait a minute, why are you stopping at objects with the type
> refinement? Shouldn't you put your entire schema into the type?
>
Objects as self-de
prehensive set of test cases that ensure conforming parsers
have the same behavior:
https://github.com/tjson/tjson-spec/blob/master/draft-tjson-examples.txt
--
Tony Arcieri
___
langsec-discuss mailing list
langsec-discuss@mail.langsec.org
https://mail.l
23:52:16Z
0026cid expires: 2016-01-09T23:52:21Z
0029cid not-before: 2016-01-09T23:52:16Z
002fsignature [...]
--
Tony Arcieri
___
langsec-discuss mailing list
langsec-discuss@mail.langsec.org
https://mail.langsec.org/cgi-bin/mailman/listinfo/langsec-discuss
, and inheritance.
--
Tony Arcieri
___
langsec-discuss mailing list
langsec-discuss@mail.langsec.org
https://mail.langsec.org/cgi-bin/mailman/listinfo/langsec-discuss