Re: [langsec-discuss] Will we ever "solve" security, or prove that we can't?

On Wed, Jan 18, 2017 at 8:22 PM, Chad Brewbaker wrote: > Defenders have 100% knowledge of their verification coverage. They can put > a SMT solver in their continuous integration pipeline and flag all code not > verified for removal. > I think you have just described a CI

Re: [langsec-discuss] Will we ever "solve" security, or prove that we can't?

better at achieving "punctuated equilibrium" where defenders are able to reach some sort of brief reprieve in certain classes of attacks and provide extremely strong defenses as a sort of local maximum. That is, until some paradigm-changing attack comes crashing down, and forces everyone to

Re: [langsec-discuss] TJSON: Tagged JSON with Rich Types

so, it's a rather simple type system, and one that can typecheck things in the same pass as processing it (I believe, I'm still yet to implement it). Wait a minute, why are you stopping at objects with the type > refinement? Shouldn't you put your entire schema into the type? > Objects as self-de

Re: [langsec-discuss] TJSON: Tagged JSON with Rich Types

prehensive set of test cases that ensure conforming parsers have the same behavior: https://github.com/tjson/tjson-spec/blob/master/draft-tjson-examples.txt -- Tony Arcieri ___ langsec-discuss mailing list langsec-discuss@mail.langsec.org https://mail.l

[langsec-discuss] RFC on Boulangerie Macaroons

23:52:16Z 0026cid expires: 2016-01-09T23:52:21Z 0029cid not-before: 2016-01-09T23:52:16Z 002fsignature [...] -- Tony Arcieri ___ langsec-discuss mailing list langsec-discuss@mail.langsec.org https://mail.langsec.org/cgi-bin/mailman/listinfo/langsec-discuss

[langsec-discuss] Blaze: Security Language

, and inheritance. -- Tony Arcieri ___ langsec-discuss mailing list langsec-discuss@mail.langsec.org https://mail.langsec.org/cgi-bin/mailman/listinfo/langsec-discuss