Robert O'Callahan wrote:
> I also think that sandboxing the engine is not interesting. Assuming
> you're talking about OS-level process sandboxing, there's no risk
> there; we know browser engines can be sandboxed that way.
Sandboxing affects the design and implementation of networking, iframes, f
Robert O'Callahan wrote:
> I thought we were going to rely on Rust's
> isolation mechanisms for this kind of finer-grained isolation. I
> thought that was a big part of the point of introducing Rust in the
> first place
Let's make the assumption that some future web browser-like thing, intended f
David Bruant wrote:
> It seems like in theory, it could be possible to handle the content
> of a cross-origin iframe in a specific Rust task (or bunch of tasks).
I thought Rust tasks were supposed to be very lightweight. If so, why not put
every iframe in a separate task, whether it is same-origi
Patrick Walton wrote:
> *ring* *is* BoringSSL -- at least the crypto primitives from it --
> wrapped into a nice Rust library.
Originally, *ring* could accurately be described as a subset of
BoringSSL. Then it became a subset of BoringSSL wrapped in Rust. Since
then we've replaced a lot of the C c
On Fri, Aug 26, 2016 at 1:59 PM, Brian Smith wrote:
> I am proud of the work that David Keeler, Camilo Viecco, and I
> did on mozilla::pkix.
Sorry to reply to my own post. I just wanted to point out two things:
Matt Wobensmith, the QA person that we worked with on mozilla::pkix,
was a
On Thu, Sep 1, 2016 at 10:43 AM, Jack Moffitt wrote:
> mozpkix was the proposal, which Brian is also an author of. Brian, why
> exactly is mozpkix hard to wrap? Specific examples may help us
> understand Rust / C++ limitations. If that library is hard enough to
> wrap, then it might be less work
Jack Moffitt wrote:
> Since we currently use OpenSSL via hyper, this means the trait would
> be used there. I assume we'll also need a trait for the pki parts (and
> those are in Servo I think).
>
> With that boundary we could replace OpenSSL with NSS and then add
> others as they come online. Th
On Tue, Sep 6, 2016 at 11:38 AM, Jack Moffitt wrote:
> > Outside of the NSS team, who has more confidence in NSS than *ring* +
> > webpki + Rustls, BoringSSL, or OpenSSL? And, what is the reasoning?
>
> I think the assumption here is that many people outside the current
> Rust community would hav
Olaf Buddenhagen wrote:
> Sorry for being late to this discussion, but I feel the need to remind
> everyone of the infamous OpenSSL licensing problem, i.e. the fact that
> the SSLeay license it is (partially) covered by is considered
> GPL-incompatible by many -- including (among others) the Debi
9 matches
Mail list logo
