[Ach] reviewers

Aaron Zauner azet at azet.org
Tue Dec 24 17:40:46 CET 2013

On 24 Dec 2013, at 17:32, christian mock <cm at coretec.at> wrote:

> One of the people I asked for a review was a bit worried that he
> couldn't stand with his name for the sections of the document he
> didn't review; he asked to have the reviewed sections listed with the
> reviewers, which I thought to be waaaaay to complicated, so I proposed
> to put some note in the reviewers section mentioning that they didn't
> review everything...
> Please check and revert if you don't like it.
> From the reviewers I contacted, the following issues are up for
> discussion:
> * we need a more prominent note that the reader should make sure he's got a
>  current copy of our document, because "secure" settings may change
>  any day when a new attack is discovered!

> * PKI section; I've rewritten it to include the CA and the Web of
>  Trust system to be more generic.


> * admins might be interested in performance estimates (i.e. "if I turn
>  on PFS, what is the slowdown?”)

We’d need to include benchmarks for various architectures. I’d recommend linking to some already available ones (although finding those is not as easy as it sounds).

> * the "MAC" column in the cipher suite tables (3.2.3) and in other
>  places does actually not contain a MAC, but a hash or a block cipher
>  mode... this may be nitpicking, but so will be our readers.

> * "factoring large primes" (ECC section, f'rex) is wrong, it's about
>  prime-factoring large numbers, isn't it?
Corrected. Thanks, good catch.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1091 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.cert.at/pipermail/ach/attachments/20131224/554f74e0/attachment.sig>

More information about the Ach mailing list