Versions Compared

Old Version 4

changes.mady.by.user Richard Esplin

Saved on

compared with

New Version 5

changes.mady.by.user Richard Esplin

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Summary

Excerpt

Expected topics

  • Updates: PostgreSQL wallet storage, Maintainership requirements, incomplete request format refactor, Indy / Aries split
  • Ursa and AMCL:  Discussed in the Ursa call (August 21), but no decision yet.
  • Handling pull requests.

...

Examples of types of actions that are prohibited at Linux Foundation meetings and in connection with Linux Foundation activities are described in the Linux Foundation Antitrust Policy available at http://www.linuxfoundation.org/antitrust-policy. If you have questions about these matters, please contact your company counsel, or if you are a member of the Linux Foundation, feel free to contact Andrew Updegrove of the firm of Gesmer Updegrove LLP, which provides legal counsel to the Linux Foundation.

...

    • Catch up on previous calls:
      • Should track exceptions to Indy Node review policy in the Git commit message.
      • New Auth rules: If a non-owner can edit the attribs of a DID or rotate a DID key, then is the DID owner actually an owner?
    • Ursa and AMCL:  Discussed in the Ursa call (August 21), but no decision yet.
    • Architecture questions for Indy SDK, and progress on Indy / Aries split 
    • Handling pull requests.
      • How to handle old pull requests that failed DCO Checks? Close?
        • Closing the PR doesn't get rid of the work. The author can reopen at any time.
      • How to handle pull requests for IOS / Swift wrappers? Close and encourage the move to Aries?
      • How to handle pull requests for LibVCX? Deprecate?
      • Close PR https://github.com/hyperledger/indy-sdk/pull/1048 as something that will be replaced by the advanced schema work?
      • HIPE pull requests: https://github.com/hyperledger/indy-hipe/pulls
      • Kyle will continue reviewing PRs, but does not want to be a bottleneck slowing down the process.
    • Future calls:
      • Cancel the call September 30 for IIW
      • Cancel the call October 14
    • Should we do another security audit?
    • Non-secrets in the Indy Wallet
      • Cam is working on pluggable crypto. They wallet shouldn't decide what encryption you should be using.
      • Use cases where we would want to move keys between wallets
        • Moving the link secret / credential data from one device to another (synchronized storage).
        • Debug use cases
        • Richard's hit other uses cases that were better solved with DID Doc,  pre-signing, signing API.
      • Work-around with the web-crypto API

Future Calls

  • Define pull request review process for Indy Node.
    • Should define the process, including how we handle exceptions (emergency fixes shouldn't be blocked, but would require notification)
    • What is important in a good review?
  • Fully Qualified DID support in Indy SDK
  • fuzzing libindy https://github.com/AxelNennker/indy-sdk/tree/fuzzing/
    `cargo +nightly fuzz run fuzz_target_1 -- -only_ascii=1`
    Worried about unsafe code in libindy
    ```
    ignisvulpis@namenlos:~/development/hyperledger/indy-sdk/libindy$ find src -name \*\.rs -exec fgrep unsafe {} \; | wc -l
    61
    ```

...