История изменений
Исправление
proxyfyer,
(текущая версия)
:
Такой https://www.nccgroup.trust/us/our-research/matrix-olm-cryptographic-review/ ?
ок, читаем:
Synopsis In September 2016, Matrix, along with financial support from the Open Technology Fund,1 engaged NCC Group’s Cryptography Services Practice to perform a targeted review of their cryptographic library Olm. The review covered two major components of the Olm library: the double ratchet used for peer-to-peer communications, and Megolm, the group ratcheting mechanism. Matrix has produced several reference implementations that make use of the Olm library including the client-server SDK for JavaScript, matrixjs-sdk.2 Matrix-js-sdk was not reviewed during the engagement; however, certain remediations to issues were applied to this implementation and not Olm.
ну то есть проводилось ревью лишь первых двух главных компонентов всей конструкции без ревью самого сдк. мило.
The review covered the 1.3.0 release of the Olm library. Two consultants performed the engagement over a span of two weeks (September 19 to September 30,2016) and consisted of 15 person-days of effort. A follow-up review of fixes was performed over the latter half of October.
оу, то есть это ЧАСТЬ исследования, огрызок которой они публикуют в следующем пресс-ките. офигенно. тесты проводились аш целыми двумя консультантами, конкретной реализации протокола и в течении 15 человеко-дней в сумме. это просто агонь а не ревью. интересно, это НЁХ уже сразу под GPL v3 или еще нет?
Исправление
proxyfyer,
:
Такой https://www.nccgroup.trust/us/our-research/matrix-olm-cryptographic-review/ ?
ок, читаем:
Synopsis In September 2016, Matrix, along with financial support from the Open Technology Fund,1 engaged NCC Group’s Cryptography Services Practice to perform a targeted review of their cryptographic library Olm. The review covered two major components of the Olm library: the double ratchet used for peer-to-peer communications, and Megolm, the group ratcheting mechanism. Matrix has produced several reference implementations that make use of the Olm library including the client-server SDK for JavaScript, matrixjs-sdk.2 Matrix-js-sdk was not reviewed during the engagement; however, certain remediations to issues were applied to this implementation and not Olm.
ну то есть проводилось ревью лишь первых двух главных компонентов всей конструкции без ревью самого сдк. мило.
The review covered the 1.3.0 release of the Olm library. Two consultants performed the engagement over a span of two weeks (September 19 to September 30,
- and consisted of 15 person-days of effort. A follow-up review of fixes was performed over the latter half of October.
оу, то есть это ЧАСТЬ исследования, огрызок которой они публикуют в следующем пресс-ките. офигенно. тесты проводились аш целыми двумя консультантами, конкретной реализации протокола и в течении 15 человеко-дней в сумме. это просто агонь а не ревью. интересно, это НЁХ уже сразу под GPL v3 или еще нет?
Исходная версия
proxyfyer,
:
Такой https://www.nccgroup.trust/us/our-research/matrix-olm-cryptographic-review/ ?
ок, читаем:
Synopsis In September 2016, Matrix, along with financial support from the Open Technology Fund,1 engaged NCC Group’s Cryptography Services Practice to perform a targeted review of their cryptographic library Olm. The review covered two major components of the Olm library: the double ratchet used for peer-to-peer communications, and Megolm, the group ratcheting mechanism. Matrix has produced several reference implementations that make use of the Olm library including the client-server SDK for JavaScript, matrixjs-sdk.2 Matrix-js-sdk was not reviewed during the engagement; however, certain remediations to issues were applied to this implementation and not Olm.
ну то есть проводилось ревью лишь первых двух главных компонентов всей конструкции без ревью самого сдк. мило.