Re: [Logic-security-developers] Clarifications
Brought to you by:
computergeek693
Menu
▾
▴
Re: [Logic-security-developers] Clarifications
|
From: G M B. <bo...@uo...> - 2005-09-01 18:47:15
|
Regarding the code beautifier, the program "indent" will do it. You can make indent format code pretty much however you want it, by passing different command line options to it. I'm not hugely familiar with the use of indent, but I can check it out and see what options we would need to use for it. Also, running the beautifier before each upload would probably be overkill. Maybe just run the entire project through it every couple of weeks, and before a release is made. For the vote on camelback notation, I don't care much. I use it out of habit, but I'm okay with not using it too. In terms of libraries for cryptographic functions, we need to consider that these libraries are probably written in a more secure and accurate way than something that we would write - and I believe both cryptlib and crypto++ provide source code - we wouldn't be statically linking, we'd just be using their code (cryptlib usus the sleepycat licence, which ends up being almost the same as the GPL for OpenSource projects). In addition, using a library would allow us to present more encryption options to the user, and would allow us to procede to an second major release more quickly. These libraries have been thoroughly checked for security flaws, and are widely used. Unless the person doing the bulk of the coding on our encryption algorithms has a background in cryptography, in is unlikely that we would be able to produce code of that caliber without quite a lot of work. It just seems like re-inventing the wheel for no reason. These are my thoughts, anyway. --Matt |
