> http://web.mit.edu/Saltzer/www/publications/Saltzerthumbnails.pdf
http://mit.edu/6.033/2004/wwwdocs/handouts/L26.2004.pdf for a more
recent set - although a couple of systems mentioned on slide 32
(conceptual integrity) are very suspect :)
>> It happens because engineers are too lazy or scared to try to
>> understand the code they are modifying, and a layer seems safer. My
>> case was 3 years of 2 code teams. Imagine 10 years of open-source-
>> like distributed development :-(
>
> your experience tallies with slide 24 from jerome
> It happens because engineers are too lazy or scared to try to
> understand the code they are modifying, and a layer seems safer. My
> case was 3 years of 2 code teams. Imagine 10 years of open-source-
> like distributed development :-(
your experience tallies with slide 24 from jerome saltzer'
I took another run at pgp 6.5.1i and 6.5.8 and gave up again. They've
taken what was a fairly simple source tree and smashed it up and
swizzled it around, then added the configure goo and makefiles and
shell scripts that helpfully rerun configure when it's already been
run. This is self-inflicted
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I should have said "time-pressured" not lazy; but yes, bang on.
Paul
On 28-Mar-06, at 7:17 PM, [EMAIL PROTECTED] wrote:
i don't personally know any lazy engineers, but i do know quite a
few that are scared of
being the scapegoat.
i worked on a
We ought to have a recent pgp or gpg both for mail and local
encryption. I've just converted a cpu server to linux, so I should be
able to run configure there, once I decide which version to try.
i don't personally know any lazy engineers, but i do know quite a few that are
scared of
being the scapegoat.
i worked on a big full-text search project that never wrote its own
search engine. we used OpenText pat, pls/cpl (later bought by aol), excalibur,
inktomi hosted search and probablly a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 28-Mar-06, at 9:29 AM, Charles Forsyth wrote:
( gnupg and those
tools are really big,
why are they so big?
silly question, probably.
Some years ago I had to drop a new graphics engine into an existing
code base. Their performance was hid
somehow you understood the opposite of what i ment.
the point is that using encrypted/signed s/mime with upas
should be transparent. i would think the easiest way to do that would
be to do the translation as close to the edges of the system as possible.
those edges would be upas/fs -- which pre
On 3/29/06, Gabriel Diaz <[EMAIL PROTECTED]> wrote:
> hello
>
> because those tools support a lot of algorithms / mime / certificates, etc,
> :-?
> if all you want is crypt a file and be able to read it between
> windows. lunix, plan9 :-?
>
> I doesn't mean those tools are big compared to ones wit
hello
because those tools support a lot of algorithms / mime / certificates, etc, :-?
if all you want is crypt a file and be able to read it between
windows. lunix, plan9 :-?
I doesn't mean those tools are big compared to ones with the same
functionality, may be i choose a bad expression, sorry.
> ( gnupg and those
> tools are really big,
why are they so big?
silly question, probably.
Hello
May be it is easy to make upas plumb the signatures and encription to
other tool.
About the files, i think there are tools that will "compile" on the
three environments and will crypt streams of bytes (cat | crypt >
file.crypt ), i think that is the easier way :-? ( gnupg and those
tools ar
ozinferno is based on an encrypted filesystem - the last work
i did with boyd. i'll try and get a release together when i'm
less ill.
brucee
On 3/29/06, Anthony Sorace <[EMAIL PROTECTED]> wrote:
> Erik Quanstrom wrote:
> // i think a better route would be to build s/mime compatable signatures
>
Erik Quanstrom wrote:
// i think a better route would be to build s/mime compatable signatures
// and encryption into upas/fs and upas/marshal so applications without
// a need to know would not have to know.
i'm not really sure what you mean by that. certainly we shouldn't
require the content-pro
auth/aescbc already includes anti-tampering checks,
based on SHA1 which is better than MD5.
But aescbc was never intended to last this long; it was a
temporary measure until NIST settled on a common mode of
operation, presumably CTR rather than CBC. It's not clear
yet if mode (or the hash functi
i think a better route would be to build s/mime compatable signatures
and encryption into upas/fs and upas/marshal so applications without
a need to know would not have to know.
- erik
On Mon Mar 27 18:39:14 CST 2006, [EMAIL PROTECTED] wrote:
> Fernan wrote:
> // I am trying to get some sort of
Fernan wrote:
// I am trying to get some sort of encyption. Protability between p9, linux and
// windows is a bit critical for my application ( I am paranoid ).
pgp or gpg would be nice for portability, as well as for other things,
like signing mail. in the mean time, inferno's 'idea' performs the
On 3/27/06, Lluís Batlle <[EMAIL PROTECTED]> wrote:
> You can take a look at ccrypt (ccrypt.sf.net) if it's about file encryption,
> but I don't know if it wil work on plan9. I've only compiled it with the
> called "gnu configure machinery".
>
> 2006/3/27, Fernan Bolando <[EMAIL PROTECTED]>:
> > On
You can take a look at ccrypt (ccrypt.sf.net) if it's about file
encryption, but I don't know if it wil work on plan9. I've only
compiled it with the called "gnu configure machinery".2006/3/27, Fernan Bolando <[EMAIL PROTECTED]>:
On 3/27/06, Steve Simon <[EMAIL PROTECTED]> wrote:> If you are just l
On 3/27/06, Steve Simon <[EMAIL PROTECTED]> wrote:
> If you are just looking for file encryption then
> auth/aescbc will do that for you. A little script
> would allow you to validate a locally held md5sum
> digest of the file to inform you of any tampering.
> Aescbc is not portable outside of plan
If you are just looking for file encryption then
auth/aescbc will do that for you. A little script
would allow you to validate a locally held md5sum
digest of the file to inform you of any tampering.
Aescbc is not portable outside of plan9 - p9p not
withstanding.
-Steve
I got pgp 2.6.2 running under APE without much trouble years ago. The
newer g?pgp?s all seem to rely on the gnu configure machinery, so I
haven't made the effort. It would be helpful if somebody got a
version of g?pgp? running that understood all the key formats, if
such a version exists.
Hi all
Anybody working on a port of gnupg. I would like to use it store
sensitive files to public servers
like mordor etc.
,Fernan
--
Public PGP/GnuPG key (http://www.fernski.com)
pub 1024D/3576CA71 2006-02-02 Fernan Bolando
Key fingerprint = FDFE C9A8 FFED C1A5 2F5C EFEB D595 AF1C 3576 CA71
24 matches
Mail list logo
