Nick Mathewson

icon indicating a website link www.wangafu.net/~nickm icon indicating an email [email protected]

icon company The Tor Project icon location Massachusetts, USA icon location da7CmqugT3N4DBfg$F3h@seq#AhyH9yQT9mxfgCpVy$rZU$zbCJDJ/p$bu>@#iJdVDyaEPdzJnvRa$Q7cQiJjZEmkr8FeE/WXmhvGdfFd9kxjwm$Z/bh#RwJdb2tXruvuFX/DgE6xQ4>

Results 38 comments of Nick Mathewson

Consider desktop implementation

Ideally, I'd like to see as much code as reasonable shared between desktop and mobile, so that each can benefit from the developers who work on the other. But of...

Display more details about used encryption

Hi, I'm the resident openssl/crypto guy that ioerror mentioned above. :) This plan sounds pretty solid, if I understand it correctly; getting server-side support for good (large group) DHE in...

Encrypt result of identity handshake with client provided x25519 public key to verify x25519 private key ownership

Two issues to consider: 1) The x25519->ed25519 conversion is fragile. In particular, you must never use it to sign anything that is attacker-controlled. Also, if you convert the public key...

Cross-certify to prove ownership of endpoint keys

> Is the required configuration of client auth sufficient here? I don't think so; client auth doesn't stop the introduction server from giving out the ID of an endpoint server...

Implement Read and Write for Arc<T> for types where &T implements Read and Write, *and* it is safe to do so.

Sure! The general pattern I would like to follow is something like this, where a single object of an appropriate type is shared by a reader thread and a handle...

polyval, ghash: use powers of H to process multiple blocks at a time

[Arti](https://crates.io/crates/arti) would benefit from this a lot. Would it be okay if I worked on making @ericlargergren's code into a PR? (It is under a 3BSD license.) (Alternatively I _could_...

libevent organization members team needs update

I manage the domain name. Azat is leading dev efforts, but doesn't have a lot of time. He's still around, though.

libevent organization members team needs update

Thanks for all the interest! I've talked this over with Niels and Azat. Because many projects use libevent, we need to make sure we're only granting commit access to known...