[Cryptography] Project Grace
Stephan Neuhaus
stephan.neuhaus at zhaw.ch
Wed Jun 13 03:31:27 EDT 2018
On 2018-06-12 16:12, Aram Perez wrote:
> Anybody look at this project: https://gctc.opencommons.org/Project_GRACE?
I'm not a PKI expert, but to me this looks more like a wish list. I'm
not saying what they want to do is impossible, but I wonder how they
plan to achieve "no certificates" and "supports TLS" at the same time.
(Not TLS-PSK or TLS-SRP, mind you, they're talking about "the IETF
standard for transport security, i.e. TLS.")
Also, one of the KPIs is "penetration testing with cryptanalysis", which
seems vastly implausible. However, since the proposed way to measure
these KPIs is to be "certifiable to ISO 27001:2013", it is certainly
possible that this KPI will eventually be fulfilled.
TL;DR: colour me very skeptical.
Fun,
Stephan
More information about the cryptography
mailing list