Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Advice and feedback on our crypto software audits

David Dahl ddahl at nulltxt.se
Thu Feb 20 07:41:09 PST 2014


Good Morning Crypto and Privacy Enthusiasts,

[X-posted to randombit, metzdowd and liberation-tech]

I'd like to solicit feedback from the crypto/privacy community on 
development procedures for bringing a new cryptography product to market 
in a responsible manner with sufficient review and vetting of its design 
and security claims.

The product ( Crypton, https://crypton.io ) is open source (AGPL) and a 
high level 'secure-by-default' framework for building collaborative 
multi user applications. Naturally, this is a web framework, but 
deployment is currently recommended for HTML5 mobile apps and browser 
extensions.

Here's the first part of the story about how we've approached  security 
auditing so far.  I'm curious if there are more efficient ways to 
leverage the security review budget.

https://spideroak.com/blog/20140220090004-responsibly-bringing-new-cryptography-product-market

Thanks in advance,

David Dahl
Crypton Director, SpiderOak
https://spideroak.com
https://crypton.io



More information about the liberationtech mailing list