Neal H. Walfield
Neal H. Walfield
In a [later paper](https://www.usenix.org/system/files/conference/usenixsecurity17/sec17-stevens.pdf), Speeding up detection of SHA-1 collision attacks using unavoidable attack conditions (2017), Stevens writes (Section 8): > Our improved implementation was deemed effective enough for Git,...
That's an interesting idea. I was thinking that if we used a trait, one could use it everywhere. Then when attacks and mitigations are published against, say, SHA256, existing code...
I think that is a reasonable position, thanks.
> Some bad news on the migration front. We can't export secret keys out of GPG without knowing the passphrase. This is because GPG stores them using a different internal...
This is indeed a complicated topic. We address this issue in Sequoia using customizable [policy objects](https://docs.sequoia-pgp.org/sequoia_openpgp/policy/trait.Policy.html). A policy object includes a number of callbacks that are invoked when evaluating a...
There is also an example key here: https://bugzilla.mozilla.org/show_bug.cgi?id=1703368
@dwrensha: are you in principle interested in this type of MR? If so, is a crate for test data reasonable?
Thanks for following up. I agree with the desire to keep things self contained. My goal in this MR is to provide some realistic examples. Specifically, how one might use...
Thanks for taking the time to work on this.
I've implemented a streaming decoder. Please see this MR: https://github.com/alicemaz/rust-base64/pull/106