...
- Vipin Bharathan
- Hart Montgomery
- Dave Huseby
- Michael Lodder
- Dan Middleton
- Cam Parra
- Jon Geater
- Manu Drijvers
- Brent Zundel
- Maryam Hezaveh
- Lovesh Harchandani
Updates
- Looking for speakers for
- ICMC '19
- Consensys Construct
- Ursa update–want to talk about active/incubation status
...
- Language bindings RFC.
- ML- no global variables in RUST that he knows of- possible in executables but not with libraries- using a map for lookup is not possible- gets wiped out when call to lib ends
- DH- Investigate more, we will go forward for now and alter if there are better methods
- Proposal: All maintainers to green check mark on RFCs
- Dan- idea is good but in practice may be delayed due to 5 more reviewers need.
- Approved with the caveat that if the delay is too great we will revisit this in a later meeting.
- Encryption API RFC
- Dave- I have issues with an interface where we are passing byte arrays and pointers across the FFI boundary, purely on security issues.
- Mike- Tried to figure out a way to get around it but don't know how to make globally allocated objects work in a Rust library that doesn't require manual ref counting in calling languages. Even languages that have garbage collection.
- Another idea would be to follow Mozilla's idea of Using protobufs to serialize + deserialize across the FFI boundary
- only concern is PrKs leakage.
- could instead pass filenames or key ids across the boundary and have Ursa load the PrK instead of the calling code loading the PrK and passing it across the FFI.
- We want to use Rust traits to make composable primitives to build up specific combinations of primitives (e.g. AES-GCM).
- National crypto standards discussion
- Dan- have some concerns of including crypto implementations that people don't think are safe.
- Dave- the point is not to
- ZMix RFC
- one is to be commented on MD two weeks rediscuss
Crypto- Rust traits will help us compose-
Encryption API–Dan M comments on national crypto.
Modularisation - internal architectural boundaries for mix and match for sovereign vs. non sovereign crypto- can be a mess in OpenSSL. Jon Geater- may cause a rethink on this with DH
...
- to endorse national standard crypto but to include it so that we have some control over how it is being used.
- need to make sure that we have strong checks and boundaries to avoid mixing national crypto and other crypto.
- going to use OpenSSL for national crypto support with an eye towards getting our own regulatory approval eventually
- Jon- has concerns about using OpenSSL because we'd be trusting it too much.
- in some situations mixing national crypto and non-national crypto is required, especially going in/out of China. this may require re-design of our checks and boundaries in the build system.
- to endorse national standard crypto but to include it so that we have some control over how it is being used.
- ZMix RFC
- one is to be commented on MD two weeks rediscuss
- AnonCreds
- Section 3.0.2 credential life cycle- Group owner vs. multiple issuers, Holder can send a different secret value - link secret binds
...
- them
- Credential Index- a number, set memberships, merkle trees, cryptographic accumulators.
- What is the link between this doc(Sovrin specific) and Ursa, needs to be updated to be generalized. (BBS signatures are Sovrin )
- Punts the algorithms to Bulletproofs paper. only in one algorithm is that made explicit.
- What are we doing for Ursa CI/CD
...
- Forming a committee to make a recommendation to TSC by June.
- K8 cluster looks like the best way forward.