On Thu, Mar 22, 2012 at 12:03 AM, Peter Stuge <pe...@stuge.se> wrote: > Alon Bar-Lev wrote: >> I will try again. > > Thanks! It really helps!
I am glad! Well, let's agree we do not agree... :) At no point in time I argue that the gerrit is not a good tool, I argue the methodology. Anyway, just last note I want to make... OpenSC is by far *NOT* a security project. Yes, that may sound surprising... :) OpenSC deals with security subject, that's true... hardware cryptography. But its origin mission was to provide access (USABILITY) to none Windows (+ none proprietary) users to hardware cryptography, PKCS#15 and partially by reverse engineering. If we want OpenSC to be security project, we should probably rewrite the whole thing from scratch. With different priorities, the code will probably be completely different feature set will be smaller, and the quality of the code will be higher, thus also the cost of implementation and maintenance. Few years back, when I tried to push OpenSC enabled tokens to enterprises, I found that I just cannot do that, mainly because of this reason. I don't see this happening without sponsor and some full time developers. Maybe this is another issue that differentiate our views. I think there is a great value in current state of OpenSC to allow people to [at least] use hardware cryptography, even if this is not the perfect implementation, keeping it flexible enough to enlarge the cycle of devices and users. Apart of the value of people can actually use their hardware, this implementation will allow in future the necessary low level details in order to do the rewrite. Alon. _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
