Le mardi 27 mars 2012 à 03:19 +0200, Peter Stuge a écrit :
There was always a way for the ccid package to work around the
problem, I don't know why this wasn't done, but I guess that it would
have required too much effort, and noone contributed such effort to
the ccid project. I guess that a
Magosányi, Árpád wrote:
Graeme did some rework of the patch, but generally did not seem to
agree with the review. The new solution included the addition of new
API calls, however without any documentation. As anyone who has
looked at the code and doxygen output, libusb is quite well
Peter Stuge wrote:
So I would be in favor of letting main developers commit their
changes to ONE SINGLE git staging branch directly and let
developers/users fix the code.
It's an interesting idea, but it places a significantly higher
workload on the developers if there is more than one
Another issues with this project is many of the modifications can only be
tested
by a subset of developers (maybe only one) who have the cards that can use
the modification.
Maybe its an stupid idea (or already done), but can't we virtualize
(and use it in Jenkins) smartcards?
On 2012-03-26 09:17, helpcrypto helpcrypto wrote:
Another issues with this project is many of the modifications can only be
tested
by a subset of developers (maybe only one) who have the cards that can use
the modification.
Maybe its an stupid idea (or already done), but can't we
On Monday, March 26 at 09:17AM, helpcrypto helpcrypto wrote:
Another issues with this project is many of the modifications can only be
tested
by a subset of developers (maybe only one) who have the cards that can use
the modification.
Maybe its an stupid idea (or already done), but
Dear Peter,
http://en.wikipedia.org/wiki/Peer_review which I guess you may
already be familiar with.
Yes, I have heard about peer review.
Just remember there was a peer discussing about a 60 second timeout bug
in libusb/pcscd. The first peer says the bug is in libusb. The second
peer says the
Jean-Michel Pouré - GOOZE wrote:
Just remember there was a peer discussing about a 60 second timeout bug
in libusb/pcscd. The first peer says the bug is in libusb. The second
peer says the bug is in libccid. And the bug never gets fixed. And ALL
tokens may suffer from this 60 seconds timeout.
On 03/27/2012 03:19 AM, Peter Stuge wrote:
Graeme did some rework of the patch, but generally did not seem to
agree with the review. The new solution included the addition of new
API calls, however without any documentation. As anyone who has
looked at the code and doxygen output, libusb is
Jean-Michel Pouré - GOOZE wrote:
iterative modifications and evolutions. This only happens if the
first version of a patch is committed fast and spreads using the
Internet.
WTF?
This goes diametrically against the goal of software quality.
It is becoming clear to me that you have absolutely
On 03/25/2012 01:14 PM, Peter Stuge wrote:
Jean-Michel Pouré - GOOZE wrote:
iterative modifications and evolutions. This only happens if the
first version of a patch is committed fast and spreads using the
Internet.
WTF?
This goes diametrically against the goal of software quality.
Please
Le vendredi 23 mars 2012 à 13:19 +0200, Martin Paljak a écrit :
In legal terms, *copyright* on OpenSC belongs to the authors who have
contributed code, and/or marked it down in source code.
The fact that other, unknown persons (not established in source code
as copyright owners) have code in
Simple End User Joe here,
A suggestion for all concerned:
Please try to forget personal differences, and solve the problem ahead.
You are all very bright, you do awesome work, we all endlessly admire
you and thank you for all you have achieved so far. But.
For me it seems that there IS a problem
Although OpenSC may be in a bit of s*** right now, that's a gentle breeze
compared to what is happening in the outside world.
There will be a war between a set of very divided European SC-vendors against
three gaint US corportations who are rolling out virtual smart cards like:
Hello,
On Fri, Mar 23, 2012 at 15:17, Magosányi, Árpád m4g...@gmail.com wrote:
And you simultaneously don't have enough time to review patches.
Both are correct and understandable. And there is a way out of this
situation.
Require assurance of the stuff is working before even taking a look at
Hi,
On 03/23/2012 05:48 PM, Martin Paljak wrote:
The trick is having a system that works and also helps to achieve the
target of having more people *actually* looking at code and some
testing (like automatic building) done before even considering ack-ing
something. But lagging on processing
Magosányi, Árpád wrote:
6 months worth of patches which cannot be reviewed
This is simply not true. *Anyone* can register on Gerrit and review,
and *all* review is a helpful contribution!
The problem is not that the code can not be reviewed, but that noone
is doing review. Anyone can do it.
On 03/23/2012 07:10 PM, Peter Stuge wrote:
Magosányi, Árpád wrote:
6 months worth of patches which cannot be reviewed
This is simply not true. *Anyone* can register on Gerrit and review,
and *all* review is a helpful contribution!
The problem is not that the code can not be reviewed, but
On 3/23/2012 11:48 AM, Martin Paljak wrote:
Hello,
On Fri, Mar 23, 2012 at 15:17, Magosányi, Árpádm4g...@gmail.com wrote:
And you simultaneously don't have enough time to review patches.
Both are correct and understandable. And there is a way out of this
situation.
Require assurance of
On Fri, Mar 23, 2012 at 22:16, Douglas E. Engert deeng...@anl.gov wrote:
ECDH/C_Derive - One needs a smart card that can do ECC key derivation.
I have some test cards and some demo cards from NIST that can do this,
The NIST people were using the mods for testing with thunderbird,
On 03/23/2012 09:16 PM, Douglas E. Engert wrote:
Another issues with this project is many of the modifications can only be
tested
by a subset of developers (maybe only one) who have the cards that can use
the modification.
I am more optimistic than that. If it is made clear that the patch
On 3/23/2012 3:29 PM, Martin Paljak wrote:
On Fri, Mar 23, 2012 at 22:16, Douglas E. Engertdeeng...@anl.gov wrote:
ECDH/C_Derive - One needs a smart card that can do ECC key derivation.
I have some test cards and some demo cards from NIST that can do this,
The NIST people
Dear all,
SM - I don't have any cards that can use this, others may.
ePass2300 - GOOZE was willing to sending them out to developers, I
don't
know how many may have them, and if they do have they voted?
It worked for me and I voted +1. (I think I voted.)
We really welcome
Dear Douglas,
What this means is that you are not going to get many votes because
in some cases only the author can test the code. A +1 from the author
may be the most you will get!
If we look at GIThub, there is a limited numbers of OpenSC forks, which
means a relatively small workforce.
On 23/03/2012 19:10, Peter Stuge wrote:
The problem is not that the code can not be reviewed, but that noone
is doing review. Anyone can do it.
I'd do reviews, but the last time I tried to really understand OpenSC's
flow, all I got was an headache (a big one...) :(
So it's not a will issue,
On 03/23/2012 11:10 PM, NdK wrote:
I'd do reviews, but the last time I tried to really understand OpenSC's
flow, all I got was an headache (a big one...) :(
So it's not a will issue, it's more an understandig issue. At least for
me. And I'd really like to be able to help, but it seems only a
26 matches
Mail list logo