P.I.E. Security Team
P.I.E. Security Team
>In which cases do signatures add value over downloading the .zip files generated by GitHub over HTTPS? HTTPS is HTTP over TLS. TLS is **Transport Layer** Security (emphasis ours). What...
> I've tried to read up a bit on the topic and I must say that [the challenge](https://theupdateframework.github.io/security.html) appears to be so big it is daunting. It's generally ill-advised to...
https://github.com/paragonie/halite/blob/master/doc/Classes/KeyFactory.md#loadauthenticationkey You can load a key from a file. You can use environment variables to tell Halite which suffix to apply in the code that calls this. We aren't building...
> Though a .halite.prod environment support would have been great. We're not opposed to that feature existing. We just don't think it belongs inside Halite. For frameworks that do a...
Hi Graham, We're definitely interested in porting Halite to Python, but we're not sure when we can commit the time to build such a thing. When do you need it...
What do you mean by "the hex file being loaded"? Can you share a code snippet and a random throw-away example key that reproduces the same issue? Typically when we...
https://github.com/paragonie/halite/blob/7596d5cb25154092b524c34cb9ce2201db612ffc/src/KeyFactory.php#L769-L778
> fst_rsa_halite.txt You cannot use RSA keys with Halite. Please generate a new keypair within Halite and use that instead.
Yep, the documentation for `KeyFactory` is available here: https://github.com/paragonie/halite/blob/master/doc/Classes/KeyFactory.md
This seems related to #175. It's a feature that probably belongs inside a separate package that provides this functionality for Halite, rather than within Halite itself.