[Cryptography] Security clearances and FOSS encryption?
ianG
iang at iang.org
Tue Jul 15 19:55:41 EDT 2014
On 15/07/2014 19:31 pm, Rick Smith, Cryptosmith wrote:
> On Jul 15, 2014, at 1:00 PM, Phillip Hallam-Baker <phill at hallambaker.com> wrote:
>>
>> Exactly, the people to worry about are the people who don't declare their affiliations and/or clearances.
>
> And so, let me ask the community: is it a common practice in the FOSS community to produce a detailed dossier on all participants, or is participation based on the contributor's visible established net cred as a developer?
In CAcert it is the former. Every person who provides 'critical' input
must go through a process.
> I suspect it’s the latter but I have no idea what the general practice might be.
To a large extent this is because CAcert has always been a target, and
the evidence on this has been clear. On reflection, in no other org
I've ever been involved with has this been an issue.
iang
More information about the cryptography
mailing list