[Ach] reviewers
Aaron Zauner
azet at azet.org
Tue Dec 24 17:40:46 CET 2013
On 24 Dec 2013, at 17:32, christian mock <cm at coretec.at> wrote:
> One of the people I asked for a review was a bit worried that he
> couldn't stand with his name for the sections of the document he
> didn't review; he asked to have the reviewed sections listed with the
> reviewers, which I thought to be waaaaay to complicated, so I proposed
> to put some note in the reviewers section mentioning that they didn't
> review everything...
>
> Please check and revert if you don't like it.
>
> From the reviewers I contacted, the following issues are up for
> discussion:
>
> * we need a more prominent note that the reader should make sure he's got a
> current copy of our document, because "secure" settings may change
> any day when a new attack is discovered!
ACK.
>
> * PKI section; I've rewritten it to include the CA and the Web of
> Trust system to be more generic.
Thanks.
> * admins might be interested in performance estimates (i.e. "if I turn
> on PFS, what is the slowdown?”)
We’d need to include benchmarks for various architectures. I’d recommend linking to some already available ones (although finding those is not as easy as it sounds).
> * the "MAC" column in the cipher suite tables (3.2.3) and in other
> places does actually not contain a MAC, but a hash or a block cipher
> mode... this may be nitpicking, but so will be our readers.
ACK.
> * "factoring large primes" (ECC section, f'rex) is wrong, it's about
> prime-factoring large numbers, isn't it?
Corrected. Thanks, good catch.
Aaron
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1091 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.cert.at/pipermail/ach/attachments/20131224/554f74e0/attachment.sig>
More information about the Ach
mailing list