libecc
Stéphane Neveu
stefneveu at gmail.com
Sun Aug 27 12:40:08 UTC 2017
Hi Lukas,
> Though some efforts have been made to have (most of) the core
> algorithms constant time, turning libecc into a library shielded
> against side channel attacks is still a work in progress.
>
> I think this means that the library is not yet ready for production use.
>
>
> I'm stopping my review here, since at this point I don't think we
> should package libecc in Debian (yet). If you think otherwise,
> convince me and I'll continue reviewing & working on the package
> together with you :) .
>
You are absolutly right, I'll ask the guys maintaining the upstream
code about it and I keep you in touch of course.
> Regards
> Lukas
Thank you.
Best regards,
Stéphane
More information about the Pkg-security-team
mailing list