* L. Aaron Kaplan <[email protected]> [07/11/2015 17:33:03] wrote: > As I said before - we *had* that. > It got commited-over ;-)
Even in the part where we had config files around? I didn't see it in the git history. I thought maybe it was never added there, but I may have just missed that. > > > If we choose to autogenerate those, they really should be checked with > > some form of continuous integration tooling (jenkins, travis-ci, etc.) > > and some form of linting. > > > Agreed. > > >> On the other hand - you are right - there are differences in different > >> OSes/libraries (openssl versions) and clients. > >> For that we had discussed that the best option would be an automatic > >> testing facility which tests compatibilities. > >> There seems to be some previous work on this from azet as well as others. > >> Once these test results are in, we *could* make a cipher string generator > >> on the web page where users can select the OS version, libraries , > >> supported clients and click on “Variant A: a super secure cipher string, > >> no compatibility” or “Variant B: compatible secure cipher string”. > >> > > > > Somebody still needs to do this, nobody volunteered so far. It's a lot > > of work if we're going to integrate testing. > > Well, then it’s time to re-activate our group. That would be great. I'm happy to participate in regular meetings again. I'd also be happy to outline a continous integration pipeline and how it needs to be implemented, I've done so for a couple of customers in the past - but setting up stuff is the actual work here, and I currently don't have enough time on my hands for that. I can provide VMs and a gigabit connection though. Aaron
signature.asc
Description: Digital signature
_______________________________________________ Ach mailing list [email protected] http://lists.cert.at/cgi-bin/mailman/listinfo/ach
