logic-security-developers

[Logic-security-developers] Clarifications

[Vageli M. <com...@ya...>]

Okay it seems like there is a lot of clarification
needed.  Also, I am fully recovered and can now devote
my time to this project.

For starters, I do not see a .NET port in the cards at
this time.  I would like to see the fulfillment of the
objectives laid out in the roadmap.  Do you have any
particular reason why there should be a port to .NET? 
Does it offer any significant advantages over the
current language?

Secondly, after reading Greg's comments in the forum,
I think that we should create some script that will
act as a "beautifier".  We would run our code through
it before uploading to the CVS.  If anyone is
interested in writing one that adheres to the
programming guide lines, start a thread in the forum.

Note to Greg:  I personally dislike camel notation but
we could take a vote and see how many people would
like to institute it in place of the current
convention.

Finally, concerning the use of libraries; I do not
think libraries are an absolute must.  If we can find
an implementation in a regular source file we could
use that instead.  All I want is the implementation of
different algorithms, it doesn't matter how it is
done.

Note to All:  You should all consider monitoring the
developers forum so you can stay on top of posts
there.

I hope this clears up a few things.

--
Vageli Mouzakitis


		
____________________________________________________
Start your day with Yahoo! - make it your home page 
http://www.yahoo.com/r/hs 
 

Re: [Logic-security-developers] Clarifications

[Fane H. <fa...@fa...>]

Although I am just the (new) web designer not a developer, I should mention:

Regarding Alexander's concern about the software on new versions of Windows, 
note that I have an MSDN subscription at work, which means I have a legal 
copy of Longhorn Beta 1 (Windows Vista/2006).  If you guys need something 
tested for Windows Vista, let me know.  (Although I may switch jobs soon, 
and lose access to that).  Of course, I think that pretty much anything that 
runs on XP should run on Vista.

Fane
www.fanehenderson.com


----- Original Message ----- 
From: "Vageli Mouzakitis" <com...@ya...>
To: <log...@li...>
Sent: Wednesday, August 31, 2005 11:27 PM
Subject: [Logic-security-developers] Clarifications


> Okay it seems like there is a lot of clarification
> needed.  Also, I am fully recovered and can now devote
> my time to this project.
>
> For starters, I do not see a .NET port in the cards at
> this time.  I would like to see the fulfillment of the
> objectives laid out in the roadmap.  Do you have any
> particular reason why there should be a port to .NET?
> Does it offer any significant advantages over the
> current language?
>
> Secondly, after reading Greg's comments in the forum,
> I think that we should create some script that will
> act as a "beautifier".  We would run our code through
> it before uploading to the CVS.  If anyone is
> interested in writing one that adheres to the
> programming guide lines, start a thread in the forum.
>
> Note to Greg:  I personally dislike camel notation but
> we could take a vote and see how many people would
> like to institute it in place of the current
> convention.
>
> Finally, concerning the use of libraries; I do not
> think libraries are an absolute must.  If we can find
> an implementation in a regular source file we could
> use that instead.  All I want is the implementation of
> different algorithms, it doesn't matter how it is
> done.
>
> Note to All:  You should all consider monitoring the
> developers forum so you can stay on top of posts
> there.
>
> I hope this clears up a few things.
>
> --
> Vageli Mouzakitis
>
>
>
> ____________________________________________________
> Start your day with Yahoo! - make it your home page
> http://www.yahoo.com/r/hs
>
>
>
> -------------------------------------------------------
> SF.Net email is Sponsored by the Better Software Conference & EXPO
> September 19-22, 2005 * San Francisco, CA * Development Lifecycle 
> Practices
> Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA
> Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf
> _______________________________________________
> Logic-security-developers mailing list
> Log...@li...
> https://lists.sourceforge.net/lists/listinfo/logic-security-developers
> 

Re: [Logic-security-developers] Clarifications

[G M B. <bo...@uo...>]

Regarding the code beautifier, the program "indent" will do it. You can
make indent format code pretty much however you want it, by passing
different command line options to it. I'm not hugely familiar with the
use of indent, but I can check it out and see what options we would need
to use for it. Also, running the beautifier before each upload would
probably be overkill. Maybe just run the entire project through it every
couple of weeks, and before a release is made.

For the vote on camelback notation, I don't care much. I use it out of
habit, but I'm okay with not using it too.

In terms of libraries for cryptographic functions, we need to consider
that these libraries are probably written in a more secure and accurate
way than something that we would write - and I believe both cryptlib and
crypto++ provide source code - we wouldn't be statically linking, we'd
just be using their code (cryptlib usus the sleepycat licence, which
ends up being almost the same as the GPL for OpenSource projects).  In
addition, using a library would allow us to present more encryption
options to the user, and would allow us to procede to an second major
release more quickly. These libraries have been thoroughly checked for
security flaws, and are widely used. Unless the person doing the bulk of
the coding on our encryption algorithms has a background in
cryptography, in is unlikely that we would be able to produce code of
that caliber without quite a lot of work.  It just seems like
re-inventing the wheel for no reason.

These are my thoughts, anyway.

--Matt