From: "Jason A. Donenfeld" <Jason@zx2c4.com>
To: James Morris <jmorris@namei.org>
Cc: ksummit-discuss@lists.linuxfoundation.org,
Eric Biggers <ebiggers@google.com>
Subject: Re: [Ksummit-discuss] [TECH TOPIC] Kernel security
Date: Fri, 29 Sep 2017 01:09:18 +0200 [thread overview]
Message-ID: <CAHmME9qb2EAKxJwCvQU_SkxjUaWjDaB2uh-7smFMw=04kSgvDw@mail.gmail.com> (raw)
In-Reply-To: <alpine.LRH.2.21.1709290833470.15742@namei.org>
On Fri, Sep 29, 2017 at 12:50 AM, James Morris <jmorris@namei.org> wrote:
> Another potential topic would be whether we can provide better review of
> crypto users within the kernel.
> One idea would be to create a mailing list for this purpose, which
> developers can cc: if they are posting new code or updates to code which
> uses the crypto API. We could encourage folk with crypto design &
> analysis skills (who may not necessarily be kernel developers, or
> following every possibly related mailing list) to help out with crypto
> review.
To cross-post what I wrote in our other thread, which wasn't CCd to this list:
> I won't be at kernel summit, regrettably, but I do intend to
> methodically work through the kernel reviewing the various crypto
> [mis]uses in places. I also have some larger plans regarding reworking
> a few aspects of the crypto API, that I'll start a discussion with
> Herbert about during the next several months.
> So, expect some more things like this patch to gradually be rolling
> your way, along with maybe larger overall changes. If you wind up
> discussing this in any substantial way at the summit this year, please
> do try to loop me in at some point.
So, I really like the idea of having a dedicated mailing list or even
a simple email alias for that kind of discussion. I know a few
pure-academics who would actually be interested in participating in
that, and personally I'm kind of existing in the void between the
kernel world and the crypto world, so that sort of list is of course
interesting to me.
One potential difficulty with "security-related" lists, and
crypto-related things in particular, is that there are often many
people eager to share misinformation or who read Schneier way back
when and then... Anyway, I suspect at kernel summit, a discussion will
yield some way to approach that.
Jason
prev parent reply other threads:[~2017-09-28 23:21 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-09-23 4:24 James Morris
2017-09-28 17:27 ` Jarkko Sakkinen
2017-10-09 16:23 ` Jarkko Sakkinen
2017-10-12 11:21 ` Jarkko Sakkinen
2017-09-28 22:50 ` James Morris
2017-09-28 23:09 ` Jason A. Donenfeld [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAHmME9qb2EAKxJwCvQU_SkxjUaWjDaB2uh-7smFMw=04kSgvDw@mail.gmail.com' \
--to=jason@zx2c4.com \
--cc=ebiggers@google.com \
--cc=jmorris@namei.org \
--cc=ksummit-discuss@lists.linuxfoundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox