Re: bad bignum encoding for curve25519-sha256@xxxxxxxxxx

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



On Thu, Apr 24, 2014 at 11:15:49AM +1000, Damien Miller wrote:
> On Wed, 23 Apr 2014, Bryan Drewery wrote:
> 
> > Am I the only one who finds a bugfix non-release via unsigned mail with
> > an inline patch a problem?
> 
> It's only a problem if you can't/won't read the code.
> 
> -d

I don't think Bryan's comment is without merit. When I saw the ML patch
I reconstructed it from commits in portable's git repo for my own peace
of mind [1].

Would it be possible to have "official" patches provided via the ML be
PGP-signed in the future? I think many would appreciate it.

--mancha

PS Also, not sure what git you use on mindrot but by way of FYI, as of
version 1.7.9, git allows PGP signing individual commits (e.g. git
commit -S -m "blah").

=========
[1] Ingredients of Curve25519 bugfix patch:
https://anongit.mindrot.org/openssh.git/commit/?id=adbfdbbdcc
https://anongit.mindrot.org/openssh.git/commit/?id=9395b28223
https://anongit.mindrot.org/openssh.git/commit/?id=0e6b67423b
https://anongit.mindrot.org/openssh.git/commit/?id=b628cc4c3e

Attachment: pgpuFH3IDuNPZ.pgp
Description: PGP signature

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux