All PMC Chairs have been requested to report on the use of
cryptography within their projects in their quarterly board reports
(which are due shortly).
I did a quick scan on the log4net for "crypto" and found mentions in
three places:
cs/src/AssemblyInfo.cs
src/AssemblyInfo.cs
Describes process of digitally signing assembly.
src/Appender/FileAppender.cs
Describes process of user overriding method to use a encrypted stream.
src/Util/PatternStringConverters/RandomStringPatternConverter.cs
Mentions that random number generator used isn't cryptographically
secure.
src/Util/SystemInfo.cs
Implements a newGuid() function on .NET Compact Framework 1.0 by
calling Win32's CryptGenRandom.
Did I miss any other application of cryptography in log4net that may
need to be reviewed?
Any other news for the board for this quarter?
