|
|
|
|
|
|
by avsm
3965 days ago
|
|
|
> If that's the main aim, then I don't see why they don't build their capability/crypto model into one of the unikernel OSes, specifically one of those that has the strong type safety and process isolation they are also aiming for. They seem to be doing just fine with their current efforts, from which really interesting things like the MinimalT protocol has emerged. If I have one frustration, it's that they haven't released a reference implementation of it. I had a f2f conversation with DJB at Real World Crypto a few months ago and the explanation was completely reasonable: they are still working on cleaning it up and making it suitable for external consumption. I still want it today though :-) David Sheets did some work on rebuilding portions of the protocol in MirageOS: https://github.com/dsheets/ocaml-dnscurve . This level of interproject coupling is just fine by me -- the whole point of library OSs is that we can pick'n'mix these things much more easily over the years, and that's working out fine. |
|
|
Yes, collaborating in that way seems like a good approach.