[Cryptography] Project Grace

Stephan Neuhaus stephan.neuhaus at zhaw.ch
Wed Jun 13 03:31:27 EDT 2018


On 2018-06-12 16:12, Aram Perez wrote:
> Anybody look at this project: https://gctc.opencommons.org/Project_GRACE?

I'm not a PKI expert, but to me this looks more like a wish list. I'm 
not saying what they want to do is impossible, but I wonder how they 
plan to achieve "no certificates" and "supports TLS" at the same time. 
(Not TLS-PSK or TLS-SRP, mind you, they're talking about "the IETF 
standard for transport security, i.e. TLS.")

Also, one of the KPIs is "penetration testing with cryptanalysis", which 
seems vastly implausible. However, since the proposed way to measure 
these KPIs is to be "certifiable to ISO 27001:2013", it is certainly 
possible that this KPI will eventually be fulfilled.

TL;DR: colour me very skeptical.

Fun,

Stephan


More information about the cryptography mailing list